VYPR

Amon2::Plugin::Web::CSRFDefender

by Amon2

CVEs (1)

  • CVE-2026-5082MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.00

    Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id. The generate_session_id function will attempt to read bytes from the /dev/urandom device, but if that is unavailable then it generates bytes using SHA-1 hash seeded with…

VYPR — Vulnerability Intelligence