rpm package
opensuse/ruby3.2-rubygem-http-cookie&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/ruby3.2-rubygem-http-cookie&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7401 | Hig | 7.5 | < 1.0.5-1.4 | 1.0.5-1.4 | Oct 3, 2016 | The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies. |
- affected < 1.0.5-1.4fixed 1.0.5-1.4
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.