Medium severity5.3NVD Advisory· Published Mar 24, 2024· Updated Apr 15, 2026

CVE-2018-25100

Description

The Mojolicious module before 7.66 for Perl may leak cookies in certain situations related to multiple similar cookies for the same domain. This affects Mojo::UserAgent::CookieJar.

Patches

0f9340eaf1b2

https://github.com/mojolicious/mojovia osv

c16a56a9d657

https://github.com/mojolicious/mojovia osv

commit

74e4900142ff

https://github.com/mojolicious/mojovia osv

PR #1192

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/mojolicious/mojo/commit/c16a56a9d6575ddc53d15e76d58f0ebcb0eeb149nvd
github.com/mojolicious/mojo/issues/1185nvd
github.com/mojolicious/mojo/pull/1192nvd
metacpan.org/dist/Mojolicious/changesnvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000