4 matches found
CVE-2024-47764
A flaw was found in the Cookie Node.js module, a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter oth...
CVE-2024-47764
cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...
CVE-2024-47764 cookie accepts cookie name, path, and domain with out of bounds characters
cookie is a basic HTTP cookie parser and serializer for HTTP servers. The cookie name could be used to set other fields of the cookie, resulting in an unexpected cookie value. A similar escape can be used for path and domain, which could be abused to alter other fields of the cookie. Upgrade to...
CVE-2024-47764
CVE-2024-47764 affects a Node.js cookie parsing/serialization package. The vulnerability arises because the cookie name can be used to influence other cookie fields, potentially yielding an unexpected cookie value; a similar escape can affect path and domain to alter other fields. Public advisori...