exploitDog

CVE-2023-0055

Опубликовано: 04 янв. 2023

Источник: nvd

CVSS3: 3.1

CVSS3: 5.3

EPSS Низкий

Описание

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.

Ссылки

https://github.com/pyload/pyload/commit/7b53b8d43c2c072b457dcd19c8a09bcfc3721703
Patch
Third Party Advisory
https://huntr.dev/bounties/ed88e240-99ff-48a1-bf32-8e1ef5f13cce
Exploit
Patch
Third Party Advisory
https://github.com/pyload/pyload/commit/7b53b8d43c2c072b457dcd19c8a09bcfc3721703
Patch
Third Party Advisory
https://huntr.dev/bounties/ed88e240-99ff-48a1-bf32-8e1ef5f13cce
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pyload:pyload:0.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00145

Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-614

CWE-319

Связанные уязвимости

CVE-2023-0055

CVSS3: 5.3

debian

около 3 лет назад

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub ...

GHSA-m3g7-wrrq-v5c8

CVSS3: 5.3

github

около 3 лет назад

Pyload contains Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

EPSS

Процентиль: 35%

0.00145

Низкий

3.1 Low

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-614

CWE-319