Search for packages
| purl | pkg:rpm/redhat/rh-nodejs4-nodejs-tough-cookie@2.3.3-2?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-am2z-v7gj-nqch
Aliases: CVE-2017-15010 GHSA-g7q5-pjjr-gqvp |
Uncontrolled Resource Consumption An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU. | There are no reported fixed by versions. |
|
VCID-gcrq-1at1-bygq
Aliases: CVE-2016-1000232 GHSA-qhv9-728r-6jqg |
Improper Input Validation NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via Custom HTTP header passed by client. This vulnerability appears to have been fixed in 2.3.0. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:35:48.043783+00:00 | RedHat Importer | Affected by | VCID-gcrq-1at1-bygq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000232.json | 38.0.0 |
| 2026-04-01T14:28:57.158296+00:00 | RedHat Importer | Affected by | VCID-am2z-v7gj-nqch | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15010.json | 38.0.0 |