8 matches found
Prototype Pollution
tough-cookie is vulnerable to Prototype Pollution. The vulnerability exists due to improper domain sanitization when using the CookieJar with rejectPublicSuffixes=false which allows an attacker to modify the base prototype, resulting in Prototype Pollution...
CVE-2023-26136
A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...
tough-cookie Prototype Pollution vulnerability
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...
AZL-43684 CVE-2023-26136 affecting package js-jquery 3.5.0-4
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...
CVE-2023-26136
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...
CVE-2023-26136
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...
CVE-2023-26136
CVE-2023-26136 affects tough-cookie prior to 4.1.3. The issue is a Prototype Pollution vulnerability in CookieJar handling when rejectPublicSuffixes=false, arising from how objects are initialized. Impacted component: tough-cookie (node.js library). Reported root cause: improper object initializa...
CVE-2023-26136
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized...