Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
github.com/gitpod-io/gitpod vulnerable to Cookie Tossing Moderate
CVE-2024-21583 was published for github.com/gitpod-io/gitpod (Go) Jul 19, 2024
Rails Multisite secure/signed cookies share secrets between sites in a multi-site application Moderate
CVE-2021-41263 was published for rails_multisite (RubyGems) Nov 15, 2021
Reliance on Cookies without Validation and Integrity Checking in getgrav/grav Moderate
CVE-2021-3818 was published for getgrav/grav (Composer) Sep 29, 2021
Reliance on Cookies without validation in OctoberCMS Moderate
CVE-2020-15128 was published for october/rain (Composer) Aug 5, 2020
Lack of protection against cookie tossing attacks in fastify-csrf Moderate
CVE-2021-29624 was published for fastify-csrf (npm) May 17, 2021
ReactPHP's HTTP server parses encoded cookie names so malicious `__Host-` and `__Secure-` cookies can be sent Moderate
CVE-2022-36032 was published for react/http (Composer) Sep 16, 2022
lavish
ProTip! Advisories are also available from the GraphQL API