9.1
CVE-2013-10075
- EPSS 0.36%
- Veröffentlicht 08.05.2026 08:16:43
- Zuletzt bearbeitet 08.05.2026 19:51:16
- Quelle 9b29abf9-4ab0-4765-b253-1875cd
- CVE-Watchlists
- Unerledigt
LoginApache::Session versions through 1.94 for Perl re-creates deleted sessions
Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Chorny ≫ Apache::session SwPlatformperl Version <= 1.94
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.273 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-672 Operation on a Resource after Expiration or Release
The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.
https://rt.cpan.org/Public/Bug/Display.html?id=83525
http://www.openwall.com/lists/oss-security/2026/05/08/12