Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2018-25160
Received
More InfoOfficial Page
Source-9b29abf9-4ab0-4765-b253-1875cd9b441e
View Known Exploited Vulnerability (KEV) details
Published At-27 Feb, 2026 | 21:16
Updated At-27 Feb, 2026 | 21:16

HTTP::Session2 versions through 1.09 for Perl does not validate the format of user provided session ids, enabling code injection or other impact depending on session backend. For example, if an application uses memcached for session storage, then it may be possible for a remote attacker to inject memcached commands in the session id value.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-20Secondary9b29abf9-4ab0-4765-b253-1875cd9b441e
CWE ID: CWE-20
Type: Secondary
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/tokuhirom/HTTP-Session2/commit/813838f6d08034b6a265a70e53b59b941b5d3e6d.patch9b29abf9-4ab0-4765-b253-1875cd9b441e
N/A
https://metacpan.org/pod/Cache::Memcached::Fast::Safe9b29abf9-4ab0-4765-b253-1875cd9b441e
N/A
https://metacpan.org/release/TOKUHIROM/HTTP-Session2-1.10/source/Changes9b29abf9-4ab0-4765-b253-1875cd9b441e
N/A
Hyperlink: https://github.com/tokuhirom/HTTP-Session2/commit/813838f6d08034b6a265a70e53b59b941b5d3e6d.patch
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource: N/A
Hyperlink: https://metacpan.org/pod/Cache::Memcached::Fast::Safe
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource: N/A
Hyperlink: https://metacpan.org/release/TOKUHIROM/HTTP-Session2-1.10/source/Changes
Source: 9b29abf9-4ab0-4765-b253-1875cd9b441e
Resource: N/A
Change History
0Changes found
Details not found