Security Advisory

CVE-2015-2156

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-10-18 15:00:00

Last updated 2024-08-06 05:10:14

Assigner mitre

State PUBLISHED

Description

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

← Browse all CVEs View on cve.org ↗