CVE-2026-6019

ADVISORY - nist

Summary

http.cookies.Morsel.js_output() returns an inline inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-150⁠

Improper Neutralization of Escape, Meta, or Control Sequences

Impacted images

Advisories

NIST

CREATED

17 hours ago

UPDATED

15 hours ago

ADVISORY IDCVE-2026-6019⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-150⁠

CVSS SCORE

2.1low

Debian

CREATED

2 hours ago

UPDATED

2 hours ago

ADVISORY IDCVE-2026-6019⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

14 minutes ago

UPDATED

7 minutes ago

ADVISORY IDCVE-2026-6019⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium