5 matches found
PT-2026-38408
Name of the Vulnerable Software and Affected Versions microsoft-kiota-http-okHttp versions 1.9.0 and earlier kiota-dotnet affected versions not specified kiota-java affected versions not specified kiota-python affected versions not specified kiota-typescript affected versions not specified...
Sensitive Cookie in HTTPS Session Without "Secure" Attribute
Overview Kentico.Xperience.Libraries is a package for libraries and applications that use Kentico Xperience API. Affected versions of this package are vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute via the SetValue method in the CookieHelper class. The requireSSL...
PT-2025-35113
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions 14.4.2 through 16.4.7 XWiki Platform versions 16.5.0-rc-1 through 16.10.6 XWiki Platform versions 17.0.0-rc-1 through 17.4.0-rc-1 Description: The PDF export jobs store sensitive cookies unencrypted in job statuses. Th...
PT-2022-3410 · Unknown +5 · Eventsource +5
Name of the Vulnerable Software and Affected Versions: eventsource/eventsource versions prior to 2.0.2 Description: The issue is related to insufficient protection of sensitive data, allowing a remote attacker to gain unauthorized access to protected information. This is due to the improper remov...
UBUNTU-CVE-2019-18900
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp version...