Lucene search
K

9 matches found

Microsoft CVE
Microsoft CVE
added 2025/09/03 9:34 p.m.9 views

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.

...

9.8CVSS7AI score0.02542EPSS
Exploits2
OSV
OSV
added 2023/12/22 11:6 a.m.3 views

OESA-2023-1952 nodejs-tough-cookie security update

. Security Fixes: Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.CVE-2023-26136...

9.8CVSS6.9AI score0.02542EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2023/10/06 7:21 a.m.3 views

tough-cookie: prototype pollution in cookie memstore

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

9.8CVSS7.1AI score0.02542EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2023/10/06 3:41 a.m.3 views

tough-cookie: prototype pollution in cookie memstore

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

9.8CVSS7.1AI score0.02542EPSS
Exploits2References9
RedHat Linux
RedHat Linux
added 2023/10/05 8:18 p.m.2 views

tough-cookie: prototype pollution in cookie memstore

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

9.8CVSS7.1AI score0.02542EPSS
Exploits2References9
OSV
OSV
added 2023/07/01 6:30 a.m.3 views

GHSA-72XF-G2V4-QVF3 tough-cookie Prototype Pollution vulnerability

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

6.5CVSS6.8AI score0.02542EPSS
Exploits2References10
OSV
OSV
added 2023/07/01 5:15 a.m.6 views

AZL-44556 CVE-2023-26136 affecting package js-jquery 3.5.0-4

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

9.8CVSS6.7AI score0.02542EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/07/01 12:0 a.m.2 views

tough-cookie 安全漏洞

tough-cookie is an open source library from Salesforce. A security vulnerability exists in tough-cookie versions prior to 4.1.3 that stems from improper handling of cookies when using CookieJar in rejectPublicSuffixes=false mode, which could lead to a prototype contamination vulnerability...

9.8CVSS6.3AI score0.02542EPSS
Exploits2References8
Snyk
Snyk
added 2023/06/08 2:45 p.m.5 views

Prototype Pollution

Overview tough-cookie is a RFC6265 Cookies and CookieJar module for Node.js. Affected versions of this package are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. Due to an issue with the manner in which the objects ar...

9.8CVSS7.3AI score0.02542EPSS
Exploits2References2
Rows per page
Query Builder