oss-sec mailing list archives
CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not set for cookies with Jenkins on Tomcat
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 13 Jan 2015 18:02:26 -0700
jenkins-tomcat: Secure and HttpOnly flags are not set for cookies with Jenkins on Tomcat https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769682 seems like it should get a CVE: http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=httponly -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE Request for jenkins-tomcat: Secure and HttpOnly flags are not set for cookies with Jenkins on Tomcat Kurt Seifried (Jan 13)