Name of the Vulnerable Software and Affected Versions Gsemac.Common (affected versions not specified)

Description The project contains an out-of-date version of the Public Suffix List. Using old versions of the Public Suffix List can lead to incorrect construction of privacy boundaries between websites, potentially harming privacy by allowing data, such as cookies, to be set incorrectly. The Public Suffix List is regularly updated, and applications that use it should routinely fetch an updated copy to maintain correct privacy boundaries.

Recommendations Update the Public Suffix List to the latest version to ensure correct privacy boundaries are maintained. As a temporary workaround, consider routinely fetching an updated copy of the Public Suffix List to minimize the risk of exploitation. Restrict access to sensitive data, such as cookies, until the issue is resolved.