Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
Metrics
Affected Vendors & Products
References
History
Tue, 03 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 31 Oct 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openshift Data Foundation
|
|
CPEs | cpe:/a:redhat:openshift_data_foundation:4.17::el9 | |
Vendors & Products |
Redhat openshift Data Foundation
|
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2023-07-01T05:00:01.115Z
Updated: 2024-12-03T15:20:09.362Z
Reserved: 2023-02-20T10:28:48.926Z
Link: CVE-2023-26136
Vulnrichment
Updated: 2024-08-02T11:39:06.610Z
NVD
Status : Modified
Published: 2023-07-01T05:15:16.103
Modified: 2024-11-21T07:50:51.107
Link: CVE-2023-26136
Redhat