exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2025-4035

3 месяца назад

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-4035

3 месяца назад

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-4035

3 месяца назад

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.

CVSS3: 4.3

EPSS: Низкий

CVE-2025-4035

3 месяца назад

A flaw was found in libsoup. When handling cookies, libsoup clients mi ...

CVSS3: 4.3

EPSS: Низкий

GHSA-9685-44wp-34gm

3 месяца назад

A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.

CVSS3: 4.3

EPSS: Низкий

ELSA-2025-8128

около 1 месяца назад

ELSA-2025-8128: libsoup3 security update (IMPORTANT)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-4035 A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.	CVSS3: 4.3	0% Низкий	3 месяца назад
CVE-2025-4035 A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.	CVSS3: 4.3	0% Низкий	3 месяца назад
CVE-2025-4035 A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.	CVSS3: 4.3	0% Низкий	3 месяца назад
CVE-2025-4035 A flaw was found in libsoup. When handling cookies, libsoup clients mi ...	CVSS3: 4.3	0% Низкий	3 месяца назад
GHSA-9685-44wp-34gm A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.	CVSS3: 4.3	0% Низкий	3 месяца назад
ELSA-2025-8128 ELSA-2025-8128: libsoup3 security update (IMPORTANT)			около 1 месяца назад

Уязвимостей на страницу