exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2008-3661

больше 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

CVSS2: 5

EPSS: Низкий

CVE-2008-3661

больше 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

EPSS: Низкий

CVE-2008-3661

больше 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

CVSS2: 5

EPSS: Низкий

CVE-2008-3661

больше 17 лет назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the se ...

CVSS2: 5

EPSS: Низкий

GHSA-q4hh-4qxq-c529

почти 4 года назад

Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2008-3661 Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.	CVSS2: 5	2% Низкий	больше 17 лет назад
CVE-2008-3661 Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.		2% Низкий	больше 17 лет назад
CVE-2008-3661 Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.	CVSS2: 5	2% Низкий	больше 17 лет назад
CVE-2008-3661 Drupal, probably 5.10 and 6.4, does not set the secure flag for the se ...	CVSS2: 5	2% Низкий	больше 17 лет назад
GHSA-q4hh-4qxq-c529 Drupal, probably 5.10 and 6.4, does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.		2% Низкий	почти 4 года назад

Уязвимостей на страницу