CVE-2013-10075

CVE-2013-10075: Apache::Session versions through 1.94 for Perl re-creates deleted sessions

Vendor Chorny

Product Apache::Session

Weakness CWE-672

Published May 8, 2026

Last update May 8, 2026

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

Description

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted.

Key dates

Disclosure timeline

May 8, 2026 CVE published

May 8, 2026 Record updated