Lucene search
K

33 matches found

RedHat Linux
RedHat Linux
added 3 days ago6 views

undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header

A flaw was found in undici. When undici processes Set-Cookie headers, it incorrectly interprets the SameSite attribute, accepting partial matches instead of exact ones. This allows a malicious server to downgrade a cookie's SameSite policy to a less secure setting, potentially leading to unintend...

3.7CVSS7AI score0.00248EPSS
Exploits0References6
OSV
OSV
added 3 days ago5 views

ALSA-2026:35841 Important: nodejs24 security, bug fix, and enhancement update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

9.8CVSS6.5AI score0.02806EPSS
Exploits1References32
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the...

3.7CVSS7.2AI score0.00248EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/19 1:57 a.m.9 views

SUSE CVE-2026-11525

Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...

3.7CVSS5.9AI score0.00248EPSS
Exploits0References7
CVE
CVE
added 2026/06/17 5:31 p.m.65 views

CVE-2026-11525

The issue affects undici’s cookie parsing in Set-Cookie headers. The root cause is a permissive substring match for the SameSite attribute during parsing, accepting any value containing Strict, Lax, or None instead of enforcing a case-insensitive exact match per RFC 6265. This can cause downstrea...

3.7CVSS5.4AI score0.00248EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/17 5:31 p.m.46 views

CVE-2026-11525 undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching

Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...

3.7CVSS0.00248EPSS
Exploits0References2
CVE
CVE
added 2026/06/10 9:18 p.m.93 views

CVE-2026-46625

CVE-2026-46625 concerns the JavaScript Cookie library (js-cookie) prior to 3.0.7. A per-instance prototype hijack occurs in the internal assign() when merging properties from a source object produced by JSON.parse that may include an own enumerable proto key. This polluted prototype leads to atta...

7.5CVSS5.4AI score0.00422EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/26 4:0 a.m.15 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS6.9AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.22 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.7AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:27 p.m.16 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.7AI score0.00237EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.37 views

CVE-2026-38566

HireFlow v1.2 does not implement CSRF token validation on any state-changing POST endpoint. All forms password change at /profile, candidate deletion at /candidates/delete/, feedback submission at /feedback/add/, interview scheduling at /interviews/add are vulnerable to CSRF. An attacker who can...

0.00168EPSS
Exploits1References3
CVE
CVE
added 2026/05/11 12:0 a.m.14 views

CVE-2026-38566

CVE-2026-38566 affects HireFlow v1.2. The issue is CSRF on all state-changing POST endpoints (e.g., /profile password change, /candidates/delete/, /feedback/add/, /interviews/add) due to missing CSRF token validation and no SESSION_COOKIE_SAMESITE configuration. Root cause: CSRF token validation ...

8.1CVSS6AI score0.00168EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2026/05/05 10:29 a.m.14 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.7AI score0.00237EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/03/23 6:26 p.m.4 views

CVE-2026-33649 AVideo's GET-Based CSRF in setPermission.json.php Enables Privilege Escalation via Arbitrary Permission Modification

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/Permissions/setPermission.json.php endpoint accepts GET parameters for a state-changing operation that modifies user group permissions. The endpoint has no CSRF token validation, and the application...

8.1CVSS5.9AI score0.00172EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/04 7:28 p.m.6 views

CVE-2025-52628

HCL AION is affected by a Cookie with Insecure, Improper, or Missing SameSite vulnerability. This can allow cookies to be sent in cross-site requests, potentially increasing exposure to cross-site request forgery and related security risks. This issue affects AION: 2.0...

8.8CVSS5.1AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/08 1:11 p.m.5 views

CVE-2025-34291

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration alloworigins='' with allowcredentials=True combined with a refresh token cookie configured as SameSite=None allows a malicio...

9.4CVSS8.4AI score0.7889EPSS
Exploits3References1
CNNVD
CNNVD
added 2025/11/25 12:0 a.m.3 views

IBM Sterling B2B Integrator和IBM Sterling File Gateway 安全漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM.IBM Sterling B2B Integrator is a suite of software that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B...

7.5CVSS6.3AI score0.00261EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-0700

Malicious code in bioql PyPI...

5.7CVSS5.8AI score0.00351EPSS
Exploits0References7
Snyk
Snyk
added 2025/01/14 3:40 p.m.4 views

Exposed Dangerous Method or Function

Overview Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the backend user interface functionality involving deep links. An attacker can manipulate the state-changing actions and delete items by sending a crafted URL to a logged-in user. Note: This is...

5.1CVSS6.9AI score0.00188EPSS
Exploits0References2
Snyk
Snyk
added 2025/01/14 3:40 p.m.4 views

Exposed Dangerous Method or Function

Overview typo3/cms-form is a Form Library, Plugin and Editor Affected versions of this package are vulnerable to Exposed Dangerous Method or Function via the backend user interface functionality involving deep links. An attacker can manipulate or delete persisted form definitions by deceiving a...

5.4CVSS6.9AI score0.00183EPSS
Exploits0References2
Rows per page
Query Builder