8 matches found

EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2022-3916

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.4 | EPSS 0.0272
Exploits: 0 | References: 9

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-2980

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 5.4 | EPSS 0.0272
Exploits: 0 | References: 9

Github Security Blog
added 2022/05/17 12:50 a.m. | 29 views

Jenkins HttpOnly flag not Set for session cookies

Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie header for session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies...

CVSS 5.3 | AI score 6.3 | EPSS 0.0272
Exploits: 0 | References: 9 | Affected Software: 1

UbuntuCve
added 2017/09/12 2:29 p.m. | 23 views

CVE-2014-9634

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session...

CVSS 5.3 | AI score 6.1 | EPSS 0.0272
Exploits: 0 | References: 2

Prion
added 2017/09/12 2:29 p.m. | 17 views

Design/Logic Flaw

Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie header for session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies...

CVSS 5 | AI score 6.5 | EPSS 0.0272
Exploits: 0 | References: 7 | Affected Software: 1

CVE
added 2017/09/12 2:0 p.m. | 57 views

CVE-2014-9635

CVE-2014-9635 affects Jenkins before 1.586. The issue is that the application does not set the HttpOnly flag in Set-Cookie headers for session cookies when run on Tomcat 7.0.41+; this can allow remote attackers to access cookies via scripts and potentially obtain sensitive information. The cited ...

CVSS 5.3 | AI score 4.9 | EPSS 0.0272
Exploits: 0 | References: 7 | Affected Software: 1

Cvelist
added 2017/09/12 2:0 p.m. | 31 views

CVE-2014-9634

Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session...

AI score 5.1 | EPSS 0.0272
Exploits: 0 | References: 7

Cvelist
added 2017/09/12 2:0 p.m. | 25 views

CVE-2014-9635

Jenkins before 1.586 does not set the HttpOnly flag in a Set-Cookie header for session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to obtain potentially sensitive information via script access to cookies...

AI score 4.9 | EPSS 0.0272
Exploits: 0 | References: 7