Description
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session ids.

Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns an MD5 hash seeded with the built-in rand() function, the epoch time, and the PID. The PID comes from a small range of numbers, and the epoch time can be guessed if it is not simply leaked by the HTTP Date header. The built-in rand() function is unsuitable for cryptographic use. Predictable session ids could allow an attacker to gain access to systems.

Note that the libapache-session-perl package in some Debian-based Linux distributions may be patched to use Crypt::URandom.
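As an added example (not code from the advisory, the Apache::Session distribution or the Debian patch), a Perl generator with the interface Apache::Session expects: generate_weak() mirrors the construction the description names, and generate() is the hardened drop-in built on Crypt::URandom, the approach the remediation below recommends. The package name and the validate() rule are assumptions, and Crypt::URandom must be installed.

```perl
# Added example, not from the advisory or the Apache::Session distribution.
# Package name is hypothetical. generate_weak() mirrors the construction the
# advisory describes (MD5 over rand(), epoch time, PID); generate() is the
# hardened drop-in that reads the whole id from Crypt::URandom.
package My::Session::Generate::URandom;
use strict;
use warnings;
use Digest::MD5    qw(md5_hex);
use Crypt::URandom qw(urandom);

# Apache::Session stores the id in $session->{data}->{_session_id};
# IDLength (in hex chars) may be given in $session->{args}.
sub id_length { $_[0]->{args}->{IDLength} || 32 }

# Weak form: every input is low-entropy or guessable, so the candidate set is
# far smaller than the 128-bit MD5 output suggests.
sub generate_weak {
    my $session = shift;
    $session->{data}->{_session_id} =
        substr(md5_hex(time() . rand() . $$), 0, id_length($session));
}

# Hardened form: urandom() draws from the OS CSPRNG (getrandom(2),
# /dev/urandom or the platform equivalent); PID, clock and Perl's PRNG state
# no longer narrow the search space.
sub generate {
    my $session = shift;
    my $length  = id_length($session);
    my $bytes   = int(($length + 1) / 2);          # two hex chars per byte
    $session->{data}->{_session_id} =
        substr(unpack('H*', urandom($bytes)), 0, $length);
}

# Accept only lower-case hex of the configured length, so a client-supplied
# id of any other shape is never used to look up session state.
sub validate {
    my $session = shift;
    my $length  = id_length($session);
    my $id      = $session->{data}->{_session_id};
    die "Invalid session ID" unless defined $id && $id =~ /\A[0-9a-f]{$length}\z/;
    return 1;
}
# Stand-alone check: perl My/Session/Generate/URandom.pm
unless (caller) {
    my $session = { args => { IDLength => 32 }, data => {} };
    generate($session); validate($session);
    print "session id: $session->{data}->{_session_id}\n";
}
1;
```

Because the hardened id has the same shape (lower-case hex of IDLength characters), it can replace the MD5 generator without changing how existing stores or cookies parse the value.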
Published: 2026-03-05
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Potential session hijacking via predictable session IDs
Action: Apply Patch
AI Analysis

Impact

Apache::Session::Generate::MD5 produces session identifiers by hashing the output of Perl's built-in rand() together with the current epoch time and the process ID, which comes from a small range. The rand() function is not designed for cryptographic use, and the PID and epoch time can be guessed if not properly protected. This flaw aligns with CWE-338 (Use of Cryptographically Weak Pseudo-Random Number Generator) and CWE-340 (Generation of Predictable Numbers or Identifiers), leading to an attacker being able to predict valid session IDs and thereby impersonate legitimate users, gaining unauthorized access to web applications that rely on this module for session management.

Affected Systems

The vulnerability affects the Apache::Session::Generate::MD5 module distributed by Chorny for Perl, for all releases up to and including version 1.94. Systems running Debian and other Linux distributions that include libapache-session-perl may ship a patched build that uses Crypt::URandom, but unpatched deployments remain vulnerable.

Risk and Exploitability

The CVSS score of 9.1 indicates critical severity, while the EPSS score of less than 1% suggests a low current probability of exploitation. The vulnerability is not listed in CISA's KEV catalog. Because the session ID generator relies on predictable inputs, an attacker can remotely attempt to guess session IDs. If session identifiers are guessed correctly, session hijacking or privilege escalation may occur. The attack vector is remote over HTTP/HTTPS; suppressing the HTTP Date header would reduce the predictability of the epoch component but does not fix the weak generator.

Generated by OpenCVE AI on April 20, 2026 at 17:25 UTC.

Remediation

Vendor Solution

Consider alternative solutions such as https://metacpan.org/pod/Apache::Session::Generate::Random


Vendor Workaround

Apply the patch from the Debian Perl Group that uses Crypt::URandom.


OpenCVE Recommended Actions

  • Upgrade to a version of Apache::Session::Generate::MD5 that incorporates the Debian patch using Crypt::URandom or replace the module with Apache::Session::Generate::Random, which provides cryptographically secure session IDs.
  • Apply the Debian patch that swaps the MD5 generator for Crypt::URandom to ensure session IDs are seeded with truly random data.
  • Configure the web application server to avoid leaking the HTTP Date header or otherwise limit the ability to guess the epoch time used in the session ID calculation.

Advisories

No advisories yet.

History

Sun, 12 Apr 2026 17:30:00 +0000

Type: Description
Values removed: Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems.
Values added: Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems. Note that the libapache-session-perl package in some Debian-based Linux distributions may be patched to use Crypt::URandom.
Type: References

Mon, 09 Mar 2026 14:45:00 +0000

Type: First Time appeared
Values added: Chorny apache\
Type: CPEs
Values added: cpe:2.3:a:chorny:apache\:\:session\:\:generate\:\:md5:*:*:*:*:*:perl:*:*
Type: Vendors & Products
Values added: Chorny apache\

Fri, 06 Mar 2026 15:30:00 +0000

Type: First Time appeared
Values added: Chorny; Chorny apache::session::generate::md5
Type: Vendors & Products
Values added: Chorny; Chorny apache::session::generate::md5

Fri, 06 Mar 2026 04:15:00 +0000


Thu, 05 Mar 2026 17:15:00 +0000

Type: Metrics
Values added:
cvssV3_1: {'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}
ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 05 Mar 2026 12:30:00 +0000

Type: References

Thu, 05 Mar 2026 02:15:00 +0000

Type: Description
Values added: Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTTP Date header. The built-in rand function is unsuitable for cryptographic usage. Predicable session ids could allow an attacker to gain access to systems.
Type: Title
Values added: Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id
Type: Weaknesses
Values added: CWE-338; CWE-340
Type: References

MITRE

Status: PUBLISHED

Assigner: CPANSec

Published:

Updated: 2026-04-21T02:42:43.047Z

Reserved: 2025-04-16T09:05:34.363Z

Link: CVE-2025-40931

Vulnrichment

Updated: 2026-03-05T11:12:52.118Z

NVD

Status: Modified

Published: 2026-03-05T02:16:39.960

Modified: 2026-04-12T18:16:38.647

Link: CVE-2025-40931

Red Hat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T17:30:12Z

Weaknesses