Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2023/07/06 5:57 a.m.120 views

CVE-2023-26136

A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

6.5CVSS8.8AI score0.02542EPSS
Exploits2References8
OSV
OSV
added 2023/07/01 5:15 a.m.9 views

AZL-43684 CVE-2023-26136 affecting package js-jquery 3.5.0-4

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

9.8CVSS6.7AI score0.02542EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2023/07/01 5:15 a.m.413 views

CVE-2023-26136

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

9.8CVSS6.8AI score0.02542EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2023/07/01 5:0 a.m.15 views

CVE-2023-26136

Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...

6.5CVSS6.7AI score0.02542EPSS
Exploits2References8
CVE
CVE
added 2023/07/01 5:0 a.m.484 views

CVE-2023-26136

CVE-2023-26136 affects tough-cookie prior to 4.1.3. The issue is a Prototype Pollution vulnerability in CookieJar handling when rejectPublicSuffixes=false, arising from how objects are initialized. Impacted component: tough-cookie (node.js library). Reported root cause: improper object initializa...

9.8CVSS9.2AI score0.02542EPSS
Exploits2References8Affected Software1
Rows per page
Query Builder