Search for packages
| purl | pkg:deb/debian/node-tough-cookie@4.0.0-2%2Bdeb11u1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-am2z-v7gj-nqch | Uncontrolled Resource Consumption An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU. |
CVE-2017-15010
GHSA-g7q5-pjjr-gqvp |
| VCID-wjaq-7np6-z3bk | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Versions of the package tough-cookie before 4.1.3 is vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. |
CVE-2023-26136
GHSA-72xf-g2v4-qvf3 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T08:50:33.610673+00:00 | Debian Importer | Fixing | VCID-wjaq-7np6-z3bk | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:47:41.352499+00:00 | Debian Importer | Fixing | VCID-am2z-v7gj-nqch | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-11T17:56:26.402789+00:00 | Debian Importer | Fixing | VCID-wjaq-7np6-z3bk | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:54:32.237582+00:00 | Debian Importer | Fixing | VCID-am2z-v7gj-nqch | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:47:17.266395+00:00 | Debian Importer | Fixing | VCID-wjaq-7np6-z3bk | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:47:17.236580+00:00 | Debian Importer | Fixing | VCID-am2z-v7gj-nqch | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |