13 matches found
EUVD-2021-27824
Malicious code in bioql PyPI...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
CVE-2021-40650
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2021-40650
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2021-40650
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
Code injection
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
Code injection
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the secure flag set...
CVE-2021-40650
In Connx version 6.2.0.1269 (20210623), the application can issue a cookie that is not marked with the Secure flag. This means the cookie could be transmitted over non-HTTPS connections, potentially exposing session data if a user connects without TLS. The available sources describe the issue but...
CVE-2021-40649
In Connx Version 6.2.0.1269 20210623, a cookie can be issued by the application and not have the HttpOnly flag set...
CVE-2021-40649
In Connx 6.2.0.1269 (20210623), the application can issue a cookie that is not marked HttpOnly. This creates a potential exposure where the cookie could be accessed by client-side scripts, aligning with a CVSS base of 6.4 (NVD) / 6.5 (CVSS3.1) and a MEDIUM severity: network attack vector, low att...