happy-dom 安全漏洞

Happy-Dom is a JavaScript implementation of a web browser without a graphical interface, developed by David Ortner. Versions of Happy-Dom prior to 20.8.9 contained a security vulnerability. This vulnerability stemmed from the fetch function, which might attach cookies originating from the current...

Manyfold 代码问题漏洞

Manyfold is a self-hosted web application developed by Manyfold OpenSource. Versions of Manyfold prior to 0.133.0 had code-related vulnerabilities; these vulnerabilities were caused by Cookie leaks in the proxy cache, which could lead to session hijacking...

EUVD-2023-1196

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-43804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over...

Drupal Multiple Vulnerabilities (SA-CORE-2022-015) - Linux

Drupal is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

DRUPAL-CORE-2022-015

The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain. Under certain circumstances, this could lead to cross-site scripting, leaked cookies, or other vulnerabilities. This advisory is not covere...

PT-2022-13273 · Scrapy +2 · Scrapy +2

Name of the Vulnerable Software and Affected Versions: scrapy versions prior to 2.6.1 Description: The issue concerns the exposure of sensitive information to unauthorized actors. When a Request object is manually defined with cookies and receives a redirect response, the new Request object...

USN-3801-1 firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass CSP restrictions, spoof the protocol registration notification bar, leak SameSite cookies, bypass...

SuSE 11.3 Security Update : curl (SAT Patch Number 10166)

This update fixes the following security issues : - URL request injection bnc911363 When libcurl sends a request to a server via a HTTP proxy, it copies the entire URL into the request and sends if off. CVE-2014-8150 If the given URL contains line feeds and carriage returns those will be sent alo...