4 matches found
CVE-2026-11525 vulnerabilities
Vulnerabilities for packages: pelias-api, haraka, kibana, prism, actions-runner, vitess, renovate, code-server, npm, node-gyp, saf...
UBUNTU-CVE-2026-11525
Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...
CVE-2026-11525
creationtimestamp| type| source ---|---|--- 2026-06-17 17:34:09+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3moitvr3dbc2g 2026-06-18 15:59:06+00:00| seen| https://bsky.app/profile/nodeland.dev/post/3mol72ndrtt2r 2026-06-23 12:01:44+00:00| seen|...
CVE-2026-11525
Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...