Lucene search
K

195 matches found

NVD
NVD
added 2026/06/23 1:16 p.m.13 views

CVE-2026-56762

Hono before 4.12.12 does not validate cookie names on the write path in the setCookie, serialize, and serializeSigned functions, allowing invalid characters such as control characters e.g. \r or \n when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie...

6.9CVSS0.00247EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 12:13 p.m.9 views

EUVD-2026-38443

Hono before 4.12.12 does not validate cookie names on the write path in the setCookie, serialize, and serializeSigned functions, allowing invalid characters such as control characters e.g. \r or \n when an application passes a user-controlled cookie name. This can produce malformed Set-Cookie...

6.9CVSS5.9AI score0.00247EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.10 views

PT-2026-51516

Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.12.12 Description The software fails to validate cookie names within the setCookie, serialize, and serializeSigned functions. When an application uses a user-controlled cookie name, invalid characters such as control...

6.9CVSS5.8AI score0.00247EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/22 5:13 p.m.32 views

CVE-2026-54287 Hono: AWS Lambda adapter merges multiple `Set-Cookie` headers into one value, dropping cookies on ALB single-header and Lattice

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.25, on AWS Lambda, the ALB single-header response and the VPC Lattice v2 response join multiple Set-Cookie headers into one comma-separated value. Because commas also appear inside cookie attribute...

5.3CVSS0.00186EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the...

3.7CVSS7.1AI score0.00248EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 2:34 p.m.9 views

EUVD-2026-37758

undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching...

3.7CVSS5.8AI score0.00248EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/19 2:21 p.m.12 views

undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

Impact undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...

5.9CVSS6AI score0.00257EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/06/19 2:21 p.m.6 views

GHSA-P88M-4JFJ-68FV undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

Impact undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...

5.9CVSS6AI score0.00257EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in python-future

A vulnerability discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service by using a crafted Set-Cookie header from a malicious web server...

7.5CVSS6.7AI score0.01804EPSS
Exploits1References2
NVD
NVD
added 2026/06/17 6:18 p.m.16 views

CVE-2026-9679

Impact: undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...

5.9CVSS0.00257EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 6:17 p.m.12 views

CVE-2026-11525

Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...

3.7CVSS0.00248EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 6:17 p.m.4 views

UBUNTU-CVE-2026-11525

Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...

3.7CVSS5.9AI score0.00248EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/17 5:31 p.m.6 views

CVE-2026-11525

Impact: When undici parses a Set-Cookie header, it accepts any SameSite attribute value that contains Strict, Lax, or None as a substring, rather than the case-insensitive exact match specified by RFC 6265. Non-spec values are silently mapped to one of the three standard tokens. For example,...

3.7CVSS5.4AI score0.00248EPSS
Exploits0
OSV
OSV
added 2026/06/04 5:59 p.m.7 views

GHSA-3HRH-PFW6-9M5X Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Summary The serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite and priority. An application that passes user-controlled input into either option may produce a...

4.3CVSS5.8AI score0.00216EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/04 5:59 p.m.13 views

EUVD-2026-32925

Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection...

5.3CVSS5.8AI score0.00216EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 3:28 p.m.29 views

CVE-2026-47675 Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.21, the serialize function in hono/cookie validates domain and path options against characters that corrupt Set-Cookie header syntax ;, \r, \n, but does not apply the same validation to sameSite an...

4.3CVSS0.00216EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Flask

Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches Set-Cookie headers, it may send one client’s session...

7.5CVSS7.1AI score0.01261EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.9 views

Unity Linux 20.1070e Security Update: future (UTSA-2026-017344)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017344 advisory. An issue discovered in Python Charmers Future 0.18.2 and earlier allows remote attackers to cause a denial of service via crafted Set-Cookie header from malicious we...

7.5CVSS5.9AI score0.01804EPSS
Exploits1References4
Hacker One
Hacker One
added 2026/04/01 8:24 a.m.34 views

curl: Cookie attribute TAB injection regression in Set-Cookie parsing

Overview | | | |---|---| | Component | lib/cookie.c — parsecookieheader | | Type | Security regression incomplete input validation | | CWE | CWE-20 Improper Input Validation | | Severity | LOW CVSS 3.1 estimated 3.7, comparable to CVE-2022-35252 | | Affected | curl 8.18.0 through current HEAD | |...

3.7CVSS6AI score0.01788EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/03/06 1:34 a.m.7 views

CVE-2026-29086

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.12.4, the setCookie utility did not validate semicolons ;, carriage returns \r, or newline characters \n in the domain and path options when constructing the Set-Cookie header. Because cookie...

5.4CVSS5.8AI score0.00216EPSS
Exploits0References1
Rows per page
Query Builder