Lucene search
K

116 matches found

CVE
CVE
added 2026/06/23 3:5 p.m.10 views

CVE-2026-55767

Summary: Guzzle 7.x before 7.12.1 is vulnerable to cookie domain handling flaws in CookieJar. dot-only Domain attributes (e.g., Domain=., Domain=.., or whitespace-padded variants) are normalized to an empty domain, and the code path that rejects only an empty domain still allows it to match any h...

5.8CVSS5.9AI score0.00111EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/23 3:5 p.m.33 views

CVE-2026-55767 Guzzle: Dot-Only Cookie Domains Match All Hosts in guzzlehttp/guzzle

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS0.00111EPSS
Exploits0References1
OSV
OSV
added 2026/06/19 2:37 p.m.25 views

GHSA-CWXW-98QJ-8QJX guzzlehttp/guzzle: Dot-Only Cookie Domains Match All Hosts

Impact CookieJar incorrectly accepts cookies with a dot-only Domain attribute, such as Domain=., Domain=.., Domain=..., and whitespace-padded variants such as Domain= . . In affected versions, SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the...

5.8CVSS5.9AI score0.00111EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.9 views

Astra Linux – Vulnerability in curl

This flaw allows a malicious HTTP server to set “super cookies” using curl, which are then transmitted back to multiple origins beyond what is allowed or possible. This enables a site to set cookies that are then sent to different and unrelated sites and domains. The attack exploits a flaw in...

6.5CVSS6.6AI score0.01685EPSS
Exploits1References2
Friends Of PHP
Friends Of PHP
added 2026/06/18 2:12 p.m.7 views

Dot-only cookie domains match all hosts

Impact CookieJar incorrectly accepts cookies with a dot-only Domain attribute, such as Domain=., Domain=.., Domain=..., and whitespace-padded variants such as Domain= . . In affected versions, SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the...

5.8CVSS5.9AI score0.00111EPSS
Exploits0Affected Software1
CVE
CVE
added 2026/06/10 9:18 p.m.79 views

CVE-2026-46625

CVE-2026-46625 concerns the JavaScript Cookie library (js-cookie) prior to 3.0.7. A per-instance prototype hijack occurs in the internal assign() when merging properties from a source object produced by JSON.parse that may include an own enumerable proto key. This polluted prototype leads to atta...

7.5CVSS5.4AI score0.00422EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/26 4:0 a.m.15 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS6.9AI score0.00237EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/25 2:0 p.m.35 views

CVE-2026-47069 CRLF injection in cookie domain/path options in hackney

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Response Splitting. The hackneycookie:setcookie/3 function in src/hackneycookie.erl validates the Name and Value arguments against CRLF and control characters, but concatenates the domain and...

2.1CVSS0.00374EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/25 2:0 p.m.11 views

CVE-2026-47069 CRLF injection in cookie domain/path options in hackney

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Response Splitting. The hackneycookie:setcookie/3 function in src/hackneycookie.erl validates the Name and Value arguments against CRLF and control characters, but concatenates the domain and...

2.1CVSS6AI score0.00374EPSS
Exploits1References4
CVE
CVE
added 2026/05/25 2:0 p.m.21 views

CVE-2026-47069

CVE-2026-47069 describes a CRLF Injection in the Hackney library. The vulnerability arises from hackney_cookie:setcookie/3: Name/Value are checked for CRLF, but the domain and path options are concatenated into the output iolist without validation. An attacker controlling either option (e.g., Hos...

5.3CVSS6AI score0.00374EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/05/25 2:0 p.m.18 views

EEF-CVE-2026-47069 CRLF injection in cookie domain/path options in hackney

Summary Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Response Splitting. The hackneycookie:setcookie/3 function in src/hackneycookie.erl validates the Name and Value arguments against CRLF and control characters, but concatenates the doma...

2.1CVSS6AI score0.00374EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.21 views

PT-2026-43066

Name of the Vulnerable Software and Affected Versions hackney versions 0.9.0 through 4.0.0 Description Improper Neutralization of CRLF Sequences, also known as CRLF Injection, allows HTTP Response Splitting. The setcookie/3 function in src/hackney cookie.erl validates Name and Value arguments...

5.3CVSS6AI score0.00374EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2026/05/19 6:24 p.m.19 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.7AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 1:27 p.m.12 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.7AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/05 10:29 a.m.14 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.7AI score0.00237EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/05 9:22 a.m.11 views

tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

A flaw was found in Tornado. A remote attacker could exploit this vulnerability by injecting specially crafted characters into the domain, path, and samesite arguments when setting cookies. This could lead to cookie attribute injection, potentially allowing for information disclosure or...

7.2CVSS5.6AI score0.00237EPSS
Exploits0References6
NVD
NVD
added 2026/04/15 4:17 a.m.5 views

CVE-2026-39963

Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipitysetCookie function in include/functionsconfig.inc.php uses $SERVER'HTTPHOST' without validation as the domain parameter of setcookie. An attacker who can influence the Host header at login time, such as vi...

6.9CVSS0.00224EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/14 11:31 p.m.7 views

CVE-2026-39963 Serendipity: Host Header Injection enables authentication cookie scoping to an attacker-controlled domain

Serendipity is a PHP-powered weblog engine. In versions 2.6-beta2 and below, the serendipitysetCookie function in include/functionsconfig.inc.php uses $SERVER'HTTPHOST' without validation as the domain parameter of setcookie. An attacker who can influence the Host header at login time, such as vi...

6.9CVSS5.7AI score0.00224EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/04/14 10:32 p.m.8 views

Serendipity has a Host Header Injection allows authentication cookie scoping to attacker-controlled domain in functions_config.inc.php

Summary The serendipitysetCookie function uses $SERVER'HTTPHOST' without validation as the domain parameter of setcookie. An attacker can force authentication cookies — including session tokens and auto-login tokens — to be scoped to an attacker-controlled domain, facilitating session hijacking...

6.9CVSS5.8AI score0.00224EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/04/14 10:32 p.m.6 views

GHSA-4M6C-649P-F6GF Serendipity has a Host Header Injection allows authentication cookie scoping to attacker-controlled domain in functions_config.inc.php

Summary The serendipitysetCookie function uses $SERVER'HTTPHOST' without validation as the domain parameter of setcookie. An attacker can force authentication cookies — including session tokens and auto-login tokens — to be scoped to an attacker-controlled domain, facilitating session hijacking...

6.9CVSS5.8AI score0.00224EPSS
Exploits1References4
Rows per page
Query Builder