rpm package
opensuse/rubygem-http-cookie&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rubygem-http-cookie&distro=openSUSE%20Tumbleweed
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7401 | Hig | 7.5 | < 1.0.5-1.1 | 1.0.5-1.1 | Oct 3, 2016 | The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies. |
- affected < 1.0.5-1.1fixed 1.0.5-1.1
The cookie parsing code in Django before 1.8.15 and 1.9.x before 1.9.10, when used on a site with Google Analytics, allows remote attackers to bypass an intended CSRF protection mechanism by setting arbitrary cookies.