5 matches found
CVE-2024-53441
An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in cookie-encrypter
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of cookie-encrypter Vulnerability Details CVEID:CVE-2024-53441 DESCRIPTION: An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack...
CVE-2024-53441
An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack...
CVE-2024-53441
CVE-2024-53441 affects the cookie-encrypter library, specifically version 1.0.1, where a flaw in the index.js decryptCookie function enables a bit-flipping attack (AES-CBC) using the world-visible IV. This can allow an attacker to modify encrypted cookies without decrypting them, with a CVSSv3.1 ...
CVE-2024-53441
An issue in the index.js decryptCookie function of cookie-encrypter v1.0.1 allows attackers to execute a bit flipping attack...