CVE-2022-23607MEDIUMCVSS 6.5fixed in python-treq 22.2.0-0.1 (bookworm)2022
CVE-2022-23607 [MEDIUM] CVE-2022-23607: python-treq - treq is an HTTP library inspired by requests but written on top of Twisted's Age...
treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `treq.post`, etc.) and `treq.client.HTTPClient` constructor accept cookies as a dictionary. Such cookies are not bound to a single domain, and are therefore sent to *every* domain ("supercookies"). This can potentially cause sensitive inform
debian