mod_session_dbd.c in the mod_session_dbd module in the...
High severity
Unreviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Description
Published by the National Vulnerability Database
Jul 23, 2013
Published to the GitHub Advisory Database
May 13, 2022
Last updated
Feb 1, 2023
mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors.
References