94 matches found
Astra Linux - уязвимость в node-tough-cookie
Versions of the tough-cookie package before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in the rejectPublicSuffixes=false mode. This issue arises from the way in which the objects are initialized...
Security Bulletin: tough-cookie Prototype Pollution Vulnerability in CookieJar, affects watsonx.data
Summary ough-cookie versions prior to 4.1.3 are vulnerable to prototype pollution when using CookieJar with rejectPublicSuffixes=false due to improper object initialization. Fixed in version 4.1.3. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2023-26136 DESCRIPTION: Versions of t...
Security Bulletin: Vulnerabilities in Eran Hammer cryptiles, PostCSS,Node.js,node-notifier,es5-ext ,MySQL Connectors,json-path and tough-cookie might affect IBM Storage Defender Copy Data Management
Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Eran Hammer cryptiles, PostCSS,Node.js,node-notifier,es5-ext ,MySQL Connectors,json-path and tough-cookier. Vulnerabilities include an attacker is able to brute force something that was supposed to be random, ...
EUVD-2018-0666
Malware in sbrugna...
EUVD-2018-0269
Malware in sbrugna...
EUVD-2023-1983
Malicious code in bioql PyPI...
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
...
Linux Distros Unpatched Vulnerability : CVE-2017-15010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A ReDoS regular expression denial of service flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP reques...
Linux Distros Unpatched Vulnerability : CVE-2023-26136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in...
Exploit for Prototype Pollution in Salesforce Tough-Cookie
CVE-2023-26136 Fix for tough-cookie 2.5.0 Mission Overview...
RHSA-2017:2913 Red Hat Security Advisory: rh-nodejs6-nodejs-tough-cookie security update
Bulletin has no description...
RHSA-2017:2912 Red Hat Security Advisory: rh-nodejs4-nodejs-tough-cookie security update
Bulletin has no description...
Security Bulletin: Vulnerability in tough-cookie affect Cloud Pak System
Summary Vulnerability found in tough-cookie affect Cloud Pak SystemCVE-2023-26136 Vulnerability Details CVEID:CVE-2023-26136 DESCRIPTION: Salesforce tough-cookie could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw due to improper handling of...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to arbitrary code execution
Summary Salesforce tough-cookie is used by IBM App Connect Enterprise Certified Container for handling cookies. IBM App Connect Enterprise Certified Container operands are vulnerable to arbitrary code execution. This bulletin provides patch information to address the reported vulnerability in...
RHEL 8 : tough-cookie (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tough-cookie: prototype pollution in cookie memstore CVE-2023-26136 Note that Nessus has not tested for this issue...
RHEL 6 / 7 : rh-nodejs4-nodejs-tough-cookie (RHSA-2017:2912)
The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:2912 advisory. Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstre...
RHEL 6 / 7 : rh-nodejs6-nodejs-tough-cookie (RHSA-2017:2913)
The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:2913 advisory. Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream versio...
Security Bulletin: IBM Planning Analytics Workspace has addressed multiple vulnerabilities
Summary IBM Planning Analytics Workspace is considered vulnerable to a Malicious File Upload vulnerability which could allow a privileged user to upload malicious files that can be automatically processed within the product CVE-2023-42017. This vulnerability has been addressed. IBM Planning...
MGASA-2024-0080 Updated nodejs-tough-cookie packages fix security vulnerability
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. CVE-2023-26136...
Updated nodejs-tough-cookie packages fix security vulnerability
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. CVE-2023-26136...