CVE-2023-0055 · CVEKit

cve.orgen

119 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.

NVDen

119 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.

OSV.deven

330 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session. This issue is patched in version 0.5.0b3.dev32.

GHSAen

330 chars

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32. The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session. This issue is patched in version 0.5.0b3.dev32.

NVDes

125 chars

Cookie confidencial en sesión HTTPS sin atributo 'seguro' en el repositorio de GitHub pyload/pyload anterior a 0.5.0b3.dev32.

CVSS metrics across sources

5

Version	Type	Source	Base	Exp	Impact	Vector
3.0	Primary	cve.org	3.1	—	—	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
3.0	Primary	cve.org	3.1	—	—	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N