Malicious code in cookie_info (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f3a1b3ca5e526deb6d9a3b3dcb7b1282b006b8b1cf445c9c1b824162b719d26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

curl: use after free in cookie.c

I ran fuzzing with the internal fuzzer at https://github.com/pauldreik/curl-fuzzer/blob/paul/localfuzzpublic0/intreefuzzer/src/insidefuzzers/fuzzcookies.cc It seems like the following sequence of events trigger the use after free: c include "cookie.h" include curlglobalinitCURLGLOBALDEFAULT; CURL...

CVE-2012-2671

The Rack::Cache rubygem 0.3.0 through 1.1 caches Set-Cookie and other sensitive headers, which allows attackers to obtain sensitive cookie information, hijack web sessions, or have other unspecified impact by accessing the cache...