89 matches found
EUVD-2022-1042
Malicious code in bioql PyPI...
EUVD-2022-7673
Malicious code in bioql PyPI...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
MAL-2025-2600 Malicious code in bsb-family-pack (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 9ce94b3baee18c22e6c4de9808764de9496aa7a055a74f58eb972741ac433181 This package seems to be part of a larger malicious toolkit designed for unauthorized access to systems, data theft, and potentially acting as a...
Linux Distros Unpatched Vulnerability : CVE-2020-36627
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Macaron i18n. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file i18n.go...
Linux Distros Unpatched Vulnerability : CVE-2018-25060
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The...
Fedora: Security Advisory (FEDORA-2023-7398c7b4db)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : golang-github-macaron-inject (2023-7398c7b4db)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-7398c7b4db advisory. Automatic update for golang-github-macaron-inject-0-0.19.20210110git138e592.fc39. Changelog Tue Jul 11 2023 Mikel Olasagasti Uranga - 0-0.19 - Fix FTBFS...
Cross-site Request Forgery (CSRF)
github.com/go-macaron/csrf is vulnerable to Cross-site Request Forgery CSRF. The vulnerability exists because the Generate function in csrf.go does not set the secure mode for the CSRF cookie as the value is hardcoded to false for the corresponding arguments of SetCookie, allowing an attacker to...
GO-2022-1213 Insecure generation of cookies in github.com/go-macaron/csrf
The Options.Secure value is ignored, and cookies created by Generate never have the secure attribute...
Macaron csrf missing encryption and has sensitive cookies in HTTP session without secure attribute
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The name of the pat...
GHSA-HHXG-PX5H-JC32 Macaron csrf missing encryption and has sensitive cookies in HTTP session without secure attribute
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The name of the pat...
DEBIAN-CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
Design/Logic Flaw
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
UBUNTU-CVE-2018-25060
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...
CVE-2018-25060
CVE-2018-25060 affects the Macaron csrf component (go-macaron/csrf) via the csrf.go Generate path. Affects cookies created by Generate: the Secure attribute is not applied, allowing cookies to be sent over non-SSL connections. The vulnerability can be exploited remotely; the attack complexity is ...
CVE-2018-25060 Macaron csrf csrf.go missing secure attribute
A vulnerability was found in Macaron csrf and classified as problematic. Affected by this issue is some unknown functionality of the file csrf.go. The manipulation of the argument Generate leads to sensitive cookie without secure attribute. The attack may be launched remotely. The complexity of a...