3 matches found
SUSE CVE-2018-20852
http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostnam...
The vulnerability in the http.cookiejar.DefaultPolicy.domain_return_ok() function of the Python programming language allows a hacker to gain unauthorized access to protected information.
The vulnerability of the http.cookiejar.DefaultPolicy.domainreturnok function in the Python programming language is related to improper domain validation. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
python: Cookie domain check returns incorrect results
http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostnam...