Lucene search
+L

5 matches found

cve
cve
added 2026/07/03 6:15 a.m.30 views

CVE-2026-8924

CVE-2026-8924 – curl cookie parsing flaw. The vulnerability arises from curl’s cookie parsing logic, enabling a malicious HTTP server to set ‘super cookies’ that bypass the Public Suffix List check. This allows an attacker-controlled origin to inject cookies that curl subsequently scopes and tran...

9.1CVSS6AI score0.00649EPSS
Exploits1References3Affected Software1
nvd
nvd
added 2026/06/23 4:17 p.m.11 views

CVE-2026-55767

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS0.00111EPSS
Exploits0References1
debiancve
debiancve
added 2026/06/23 3:5 p.m.10 views

CVE-2026-55767

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS5.9AI score0.00111EPSS
Exploits0
susecve
susecve
added 2023/02/15 5:22 a.m.4 views

SUSE CVE-2015-0832

Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . dot character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.5...

5CVSS8.6AI score0.01052EPSS
Exploits0References5
osv
osv
added 2015/02/25 12:0 a.m.3 views

UBUNTU-CVE-2015-0832

Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . dot character, which allows man-in-the-middle attackers to bypass the HPKP and HSTS protection mechanisms by constructing a URL with this character and leveraging access to an X.5...

5CVSS6.9AI score0.01052EPSS
Exploits0References6
Rows per page
Query Builder