What is CVE-2013-10075?

CVE-2013-10075 is a critical-severity vulnerability in Chorny Apache\, classified under Operation on a Resource after Expiration or Release. CVSS score: 9.1/10. Published 2026-05-08.

How severe is CVE-2013-10075?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Chorny Apache\

CVE-2013-10075

Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DB_File will create a session that does not exist. This can lead to sessions being re…

EPSS: 0.000 (3.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Chorny Apache\ — versions \
Chorny Apache::session — versions 0

Weakness classification (CWE)

CWE-672 — Operation on a Resource after Expiration or Release

References

9b29abf9-4ab0-4765-b253-1875cd9b441e (issue-tracking, Mailing List, Issue Tracking)
af854a3a-2127-422b-91ae-364da2661108 (Mailing List, Third Party Advisory)

Frequently asked questions

What is CVE-2013-10075?: CVE-2013-10075 is a critical-severity vulnerability in Chorny Apache\, classified under Operation on a Resource after Expiration or Release. CVSS score: 9.1/10. Published 2026-05-08.
How severe is CVE-2013-10075?: Critical severity. CVSS v3 base score is 9.1 out of 10.