Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 8:16 a.m.7 views

CVE-2026-54279

A flaw was found in aiohttp before 3.14.1. Host-only cookies saved with CookieJar.save and later restored with CookieJar.load lose their host-only flag, so cookies intended for a single host may be sent to subdomains after persistence...

7.5CVSS5.7AI score0.00279EPSS
Exploits0References5
Snyk
Snyk
added 2026/06/15 8:8 p.m.12 views

Exposure of Private Personal Information to an Unauthorized Actor

Overview Affected versions of this package are vulnerable to Exposure of Private Personal Information to an Unauthorized Actor in the CookieJar.save and CookieJar.load functions. An attacker can cause cookies intended for a specific host to be sent to subdomains by persisting and restoring cookie...

7.5CVSS5.3AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49593

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Host-only cookies saved using the CookieJar.save function and subsequently restored via the CookieJar.load function lose their host-only status. This can result in cookies loaded from disk being sen...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References5
Snyk
Snyk
added 2021/02/01 12:0 a.m.2 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which implicitly use Ruby's Kernel.open method. Exploitation is possible only if untrusted input is used as a local...

8.3CVSS7AI score0.03507EPSS
Exploits0References3
Rows per page
Query Builder