GHSA-qg5g-gv98-5ffh: rustls network-reachable panic in `Acceptor::accept`

GHSA-rjjv-87mx-6x3h: @sveltejs/kit vulnerable to on dev mode 404 page

GHSA-mh2x-fcqh-fmqv: @sveltejs/kit has unescaped error message included on error page

GHSA-5xr6-xhww-33m4: Artifact poisoning vulnerability in action-download-artifact v5 and earlier

GHSA-7f6p-phw2-8253: Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws

rdiffweb version 2.4.1 is vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute. This makes it so that a user's cookies can be sent to the server with an unencrypted request over the HTTP protocol. Version 2.4.2 contains a fix for the issue.

**rdiffweb 2.4.1 vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute**

High severity GitHub Reviewed Published Sep 14, 2022 • Updated Sep 15, 2022

Headline

GHSA-mjw4-xvx6-3grg: rdiffweb 2.4.1 vulnerable to Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

Related news

ghsa: Latest News