Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.12 views

CVE-2026-47070

Sensitive Data Exposure vulnerability in benoitc hackney allows Retrieve Embedded Sensitive Data. The HTTP/3 redirect handler in src/hackneyh3.erl passes the original request headers unchanged to the redirect target without performing any cross-origin check. When a client issues an HTTP/3 request...

6.1CVSS5.8AI score0.00348EPSS
Exploits1References1
NVD
NVD
added 2026/05/25 3:16 p.m.25 views

CVE-2026-47070

Sensitive Data Exposure vulnerability in benoitc hackney allows Retrieve Embedded Sensitive Data. The HTTP/3 redirect handler in src/hackneyh3.erl passes the original request headers unchanged to the redirect target without performing any cross-origin check. When a client issues an HTTP/3 request...

6.1CVSS0.00348EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/25 2:0 p.m.36 views

CVE-2026-47070 HTTP/3 redirect handler leaks Authorization and Cookie headers to cross-origin redirect target in hackney

Sensitive Data Exposure vulnerability in benoitc hackney allows Retrieve Embedded Sensitive Data. The HTTP/3 redirect handler in src/hackneyh3.erl passes the original request headers unchanged to the redirect target without performing any cross-origin check. When a client issues an HTTP/3 request...

6CVSS0.00348EPSS
Exploits1References4
OSV
OSV
added 2026/05/25 2:0 p.m.8 views

EEF-CVE-2026-47070 HTTP/3 redirect handler leaks Authorization and Cookie headers to cross-origin redirect target in hackney

Summary Sensitive Data Exposure vulnerability in benoitc hackney allows Retrieve Embedded Sensitive Data. The HTTP/3 redirect handler in src/hackneyh3.erl passes the original request headers unchanged to the redirect target without performing any cross-origin check. When a client issues an HTTP/3...

6CVSS5.8AI score0.00348EPSS
Exploits1References4
Rows per page
Query Builder