Описание
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/focal | not-affected | |
| esm-apps/jammy | not-affected | |
| focal | ignored | end of standard support, was needs-triage |
| impish | ignored | end of life, was needs-triage |
| jammy | not-affected | |
| upstream | not-affected |
Показывать по
Связанные уязвимости
[REJECTED CVE] A vulnerability has been identified in the axios library where cookies can be leaked to unauthorized domains during HTTP redirects. This occurs because axios includes the original Cookie header when following a Location redirect to a different domain, violating the same-origin policy. An attacker could exploit this by redirecting requests to their controlled domain, gaining access to sensitive cookies and potentially hijacking user accounts.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository axios/axios prior to 0.26.