Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 8:16 a.m.10 views

CVE-2026-54279

A flaw was found in aiohttp before 3.14.1. Host-only cookies saved with CookieJar.save and later restored with CookieJar.load lose their host-only flag, so cookies intended for a single host may be sent to subdomains after persistence...

7.5CVSS5.7AI score0.00279EPSS
Exploits0References5
NVD
NVD
added 2026/06/22 6:16 p.m.10 views

CVE-2026-54279

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...

7.5CVSS0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/22 4:32 p.m.36 views

CVE-2026-54279 AIOHTTP: Host-Only Cookies Become Domain Cookies After CookieJar Persistence

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...

5.3CVSS0.00279EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:32 p.m.4 views

CVE-2026-54279

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/22 4:32 p.m.7 views

CVE-2026-54279 AIOHTTP: Host-Only Cookies Become Domain Cookies After CookieJar Persistence

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. This vulnerability is fixed in 3.14.1...

5.3CVSS6AI score0.00279EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/15 8:8 p.m.9 views

aiohttp: Host-Only Cookies Become Domain Cookies After CookieJar Persistence

Summary Host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. Impact Host-only cookies that have been loaded from disk may get sent to subdomains that previously should have been disallowed. ----- Patch:...

7.5CVSS5.3AI score0.00279EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/15 8:8 p.m.13 views

GHSA-2FQR-MR3J-6WP8 aiohttp: Host-Only Cookies Become Domain Cookies After CookieJar Persistence

Summary Host-only cookies that are saved with CookieJar.save and then restored later with CookieJar.load lose their host-only status. Impact Host-only cookies that have been loaded from disk may get sent to subdomains that previously should have been disallowed. ----- Patch:...

5.3CVSS5.4AI score0.00279EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.16 views

PT-2026-49593

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.1 Description Host-only cookies saved using the CookieJar.save function and subsequently restored via the CookieJar.load function lose their host-only status. This can result in cookies loaded from disk being sen...

5.3CVSS5.8AI score0.00279EPSS
Exploits0References5
CNVD
CNVD
added 2020/06/22 12:0 a.m.6 views

RubyGem Rack Input Validation Error Vulnerability

RubyGem Rack is a modular interface between web servers and web applications developed using the Ruby programming language. A security vulnerability exists in RubyGem Rack versions prior to 2.2.3 and prior to 2.1.4. An attacker can exploit the vulnerability to control cookies prefixed with secure...

7.5CVSS7.7AI score0.02938EPSS
Exploits1References1
Rows per page
Query Builder