RHSA-2017:2913-01 -- Redhat rh-nodejs6-nodejs-tough-cookieID: oval:org.secpod.oval:def:504920 | Date: (C)2021-02-03 (M)2022-10-10 |
Class: PATCH | Family: unix |
Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs-tough-cookie . Security Fix: * A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU
Platform: |
Red Hat Enterprise Linux 7 |
Red Hat Enterprise Linux 6 |
Product: |
rh-nodejs6-nodejs-tough-cookie |