Lucene search
David KirchnerNODEJS:130HistoryJul 22, 2016 - 7:43 p.m.
ReDoS via long string of semicolons
2016-07-2219:43:01
David Kirchner
www.npmjs.com
59
EPSS
0.006
Percentile
79.2%
Overview
Affected versions of tough-cookie may be vulnerable to regular expression denial of service when long strings of semicolons exist in the Set-Cookie header.
Recommendation
Update to version 2.3.0 or later.
References
Related
openvas
openvas
Fedora Update for nodejs-tough-cookie FEDORA-2016-286a8ec5b0
2016-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: nodejs-tough-cookie-2.3.1-1.fc23
2016-10-01 04:23:52
osv
osv
CVE-2016-1000232
2018-09-05 17:29:00
ReDoS via long string of semicolons in tough-cookie
2018-10-10 18:57:02
redhatcve
redhatcve
CVE-2016-1000232
2019-11-07 04:12:52
nessus
nessus
Fedora 23 : nodejs-tough-cookie (2016-286a8ec5b0)
2016-10-06 00:00:00
Fedora 24 : nodejs-tough-cookie (2016-c0fd203d6e)
2016-08-09 00:00:00
RHEL 6 / 7 : rh-nodejs4-nodejs-tough-cookie (RHSA-2017:2912)
2024-04-27 00:00:00
nvd
nvd
CVE-2016-1000232
2018-09-05 17:29:00
cvelist
cvelist
CVE-2016-1000232
2018-09-05 17:00:00
ibm
ibm
prion
prion
Design/Logic Flaw
2018-09-05 17:29:00
github
github
ReDoS via long string of semicolons in tough-cookie
2018-10-10 18:57:02
cve
cve
CVE-2016-1000232
2018-09-05 17:29:00
veracode
veracode
Regular Expression Denial Of Service (ReDoS) Via Long String Of Semicolons
2019-01-15 09:13:59
redhat
redhat