CVE-2013-10075
CriticalSummary
Apache::Session versions through 1.94 for Perl re-create deleted sessions. Sessions stored in Apache::Session::Store::File and Apache::Session::Store::DB_File can be revived, potentially exposing data that was meant to be deleted.
Risk Assessment
The organization may be at risk of sensitive data leakage, as deleted sessions can be restored, leading to unauthorized access to information.
Recommendation
It is recommended to upgrade Apache::Session to version 1.95 or later to prevent the recreation of deleted sessions.
Original NVD description (English source)
Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted.

