Search for packages
| purl | pkg:deb/debian/node-tough-cookie@4.0.0-2%2Bdeb12u1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-am2z-v7gj-nqch | Uncontrolled Resource Consumption An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU. |
CVE-2017-15010
GHSA-g7q5-pjjr-gqvp |
| VCID-wjaq-7np6-z3bk | Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Versions of the package tough-cookie before 4.1.3 is vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. |
CVE-2023-26136
GHSA-72xf-g2v4-qvf3 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T08:50:33.615707+00:00 | Debian Importer | Fixing | VCID-wjaq-7np6-z3bk | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T08:47:41.355390+00:00 | Debian Importer | Fixing | VCID-am2z-v7gj-nqch | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-11T17:56:26.408530+00:00 | Debian Importer | Fixing | VCID-wjaq-7np6-z3bk | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-11T17:54:32.245421+00:00 | Debian Importer | Fixing | VCID-am2z-v7gj-nqch | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:47:17.259564+00:00 | Debian Importer | Fixing | VCID-wjaq-7np6-z3bk | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:47:17.218201+00:00 | Debian Importer | Fixing | VCID-am2z-v7gj-nqch | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |