Lucene search
K

7 matches found

RedHat Linux
RedHat Linux
added 2024/02/13 5:7 p.m.4 views

jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.4 views

jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.4 views

jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/13 4:55 p.m.5 views

jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/13 2:45 p.m.2 views

jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2024/02/12 10:38 a.m.5 views

jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

A flaw was found in the jetty-server package. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies or otherwise perform unintended behavior by tampering with the cookie parsing mechanism...

5.3CVSS7.1AI score0.013EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2023/04/18 8:35 p.m.28 views

CVE-2023-26049

Jetty is a java based web server and servlet engine. Nonstandard cookie parsing in Jetty may allow an attacker to smuggle cookies within other cookies, or otherwise perform unintended behavior by tampering with the cookie parsing mechanism. If Jetty sees a cookie VALUE that starts with " double...

5.3CVSS6.7AI score0.013EPSS
Exploits0
Rows per page
Query Builder