Lucene search
K

5 matches found

Veracode
Veracode
added 2022/09/21 6:57 p.m.29 views

Information Disclosure

Rdiffweb is vulnerable to Sensitive Information Disclosure. The vulnerability exists due to an incomplete fix of CVE-2022-3174 which causes session cookies instantiated without the Secure attribute when the provided url is invalid. This flaw allows the transport of user cookies over insecure HTTP...

7.5CVSS5.8AI score0.00556EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2022/09/13 10:15 a.m.40 views

CVE-2022-3174

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...

7.5CVSS0.00556EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/09/13 9:20 a.m.44 views

CVE-2022-3174 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in ikus060/rdiffweb

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...

7.5CVSS7.7AI score0.00556EPSS
Exploits1References2
OSV
OSV
added 2022/09/13 9:20 a.m.22 views

CVE-2022-3174 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in ikus060/rdiffweb

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2...

7.5CVSS7.6AI score0.00556EPSS
Exploits1References4
CVE
CVE
added 2022/09/13 9:20 a.m.66 views

CVE-2022-3174

CVE-2022-3174 affects rdiffweb prior to 2.4.2, where cookies are transmitted over HTTPS without the Secure attribute, exposing confidentiality. The issue impacts the GitHub repo ikus060/rdiffweb; CVSS v3.1/3.0 base score 7.5 (HIGH) with network attacker, no user interaction. Affected component: s...

7.5CVSS6.2AI score0.00556EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder