4 matches found
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in cookies in Google Chrome prior to version 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions through a crafted HTML page...
Hono: Non-breaking space prefix bypass in cookie name handling in getCookie()
Summary A discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to the same key by parse, allowing attacker-controlled cookies to override legitimate ones. Details...
Hono 输入验证错误漏洞
Hono is a web framework written in TypeScript for the Hono community. Versions of Hono prior to 4.12.12 contained a vulnerability related to input validation errors. This vulnerability stemmed from differences in how browser Cookie parsing and the parse function were handled, which could lead to...
PT-2026-31284
Summary A discrepancy between browser cookie parsing and parse handling allows cookie prefix protections to be bypassed. Cookie names that are treated as distinct by the browser may be normalized to the same key by parse, allowing attacker-controlled cookies to override legitimate ones. Details...