CVE-2023-0055

CVSS V2 None CVSS V3 None

Description

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository pyload/pyload prior to 0.5.0b3.dev32.

Overview

CVE ID
CVE-2023-0055

Assigner
security@huntr.dev

Vulnerability Status
Analyzed

Published Version
2023-01-04T22:15:09

Last Modified Date
2023-01-11T16:01:57

Weakness Enumerations

CWE	URL
CWE-319	http://cwe.mitre.org/data/definitions/319.html
CWE-614	http://cwe.mitre.org/data/definitions/614.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:pyload:pyload:0.5.0:::::::*	1	OR

References

Reference URL	Reference Tags
https://github.com/pyload/pyload/commit/7b53b8d43c2c072b457dcd19c8a09bcfc3721703
https://huntr.dev/bounties/ed88e240-99ff-48a1-bf32-8e1ef5f13cce

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-0055
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0055

History

Created	Old Value	New Value	Data Type	Notes
2023-01-04 22:17:20				Added to TrackCVE
2023-01-04 22:17:20			Weakness Enumeration	new
2023-01-04 23:14:49		2023-01-04T22:27:21	CVE Modified Date	updated
2023-01-04 23:14:49	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-04 23:14:49			CVSS V3 information	new
2023-01-09 18:24:19	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-01-09 18:24:22			CVSS V3 information	new
2023-01-12 05:15:37		2023-01-11T16:01:57	CVE Modified Date	updated
2023-01-12 05:15:37	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-01-12 05:15:43			Weakness Enumeration	update
2023-01-12 05:15:45			CPE Information	updated
2023-01-12 05:15:45			CVSS V3 information	new