5 matches found
CVE-2018-25160
creationtimestamp| type| source ---|---|--- 2026-02-27 23:35:46+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mfuut5hylf2w 2026-02-27 23:40:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfuv2vq2yv2u...
CVE-2018-25160
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
CVE-2018-25160
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...
CVE-2018-25160
Summary (CVE-2018-25160) : The Perl package HTTP::Session2 (versions through 1.09) does not validate the format of user-provided session IDs, enabling potential code injection or other impact depending on the session backend. Red Hat and EU/ENISA entries corroborate that insecure session-id handl...
CVE-2018-25160 HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend
HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject...