Lucene search
K

4 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in cookies in Google Chrome prior to version 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions through a crafted HTML page...

6.5CVSS6.7AI score0.00834EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/04/08 12:17 a.m.17 views

Hono: Non-breaking space prefix bypass in cookie name handling in getCookie()

Summary A discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to the same key by parse, allowing attacker-controlled cookies to override legitimate ones. Details...

4.8CVSS5.9AI score0.00284EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.8 views

Hono 输入验证错误漏洞

Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.12 contained a vulnerability related to input validation errors. This vulnerability stemmed from differences in how browser Cookie parsing and the parse function were handled, which could lead to...

4.8CVSS5.8AI score0.00284EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.7 views

PT-2026-31284

Summary A discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to the same key by parse, allowing attacker-controlled cookies to override legitimate ones. Details...

4.8CVSS5.9AI score0.00284EPSS
Exploits0References5
Rows per page
Query Builder