Sign In

CVE-2026-54279

ADVISORY - github

Summary

Summary

Host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() lose their host-only status.

Impact

Host-only cookies that have been loaded from disk may get sent to subdomains that previously should have been disallowed.

Patch: https://github.com/aio-libs/aiohttp/commit/a329a7aacad5284f087af36103aff778746da0f2

EPSS Score: 0.00024 (0.072)

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-665

Improper Initialization

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in