Back to search
CVE-2017-15010
Published: Oct 3, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able to make an HTTP request using a specially crafted cookie may cause the application to consume an excessive amount of CPU.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2017:2913
vendor-advisory
x_refsource_REDHAT
https://nodesecurity.io/advisories/525
x_refsource_CONFIRM
101185
vdb-entry
x_refsource_BID
RHSA-2018:1264
vendor-advisory
x_refsource_REDHAT
RHSA-2017:2912
vendor-advisory
x_refsource_REDHAT
RHSA-2018:1263
vendor-advisory
x_refsource_REDHAT
https://github.com/salesforce/tough-cookie/issues/92
x_refsource_CONFIRM
https://snyk.io/vuln/npm:tough-cookie:20170905
x_refsource_CONFIRM
FEDORA-2019-76f1b57c1c
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now