Lucene search
+L

12 matches found

debiancve
debiancve
added 2026/07/01 7:40 p.m.7 views

CVE-2026-55688

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. In versions from 2.0.0 prior to 2.16.0 and from 3.0.0.Beta1 prior to 3.0.11, ThreadSafeCookieStore stored a cookie under the value of its Domain attribute without...

4CVSS5.8AI score0.00179EPSS
Exploits0
osv
osv
added 2026/06/23 3:5 p.m.3 views

CVE-2026-55767 Guzzle: Dot-Only Cookie Domains Match All Hosts in guzzlehttp/guzzle

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS6AI score0.00111EPSS
Exploits0References3
friendsofphp
friendsofphp
added 2026/06/18 2:12 p.m.10 views

Dot-only cookie domains match all hosts

Impact CookieJar incorrectly accepts cookies with a dot-only Domain attribute, such as Domain=., Domain=.., Domain=..., and whitespace-padded variants such as Domain= . . In affected versions, SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the...

5.8CVSS5.9AI score0.00111EPSS
Exploits0Affected Software1
nessus
nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 3 : squirrelmail-1.4.8-5.3AXS3 (AXSA:2009-17:02)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-17:02 advisory. SquirrelMail is a standards-based webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render ...

6.5CVSS5.6AI score0.01675EPSS
Exploits1References2
susecve
susecve
added 2023/02/15 4:34 a.m.53 views

SUSE CVE-2018-1279

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...

8.5CVSS7AI score0.0183EPSS
Exploits0References3
veracode
veracode
added 2021/06/05 10:1 p.m.23 views

Shared Cookie

firefox uses shared cookie. The vulnerability exists due to having the address bar search suggestions in private browsing mode session data from normal mode...

4.3CVSS2.1AI score0.00331EPSS
Exploits0References4Affected Software1
osv
osv
added 2018/12/10 7:29 p.m.16 views

CVE-2018-1279

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...

6.5CVSS6.7AI score0.0183EPSS
Exploits0References1
osv
osv
added 2018/12/10 7:29 p.m.5 views

DEBIAN-CVE-2018-1279

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...

6.5CVSS7AI score0.0183EPSS
Exploits0References1
osv
osv
added 2018/12/10 7:29 p.m.79 views

UBUNTU-CVE-2018-1279

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...

8.5CVSS7AI score0.0183EPSS
Exploits0References3
prion
prion
added 2018/12/10 7:29 p.m.13 views

Code injection

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...

3.3CVSS6.5AI score0.0183EPSS
Exploits0References1
debiancve
debiancve
added 2018/12/10 7:0 p.m.90 views

CVE-2018-1279

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster. A remote attacker who can gain information about the network topology can guess this cookie and, if they have access to the right ports ...

8.5CVSS7.4AI score0.0183EPSS
Exploits0
prion
prion
added 2018/07/26 3:29 p.m.22 views

Code injection

It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store cookies are stored locally and are not passed between the client and the end URL which means all clients using that proxy are sharing the same cookies...

6CVSS8.9AI score0.00926EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder