Salesforce Tough-cookie — known CVE vulnerabilities
Every CVE whose affected-product data names Salesforce Tough-cookie, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-15010 — CVSS 7.5 (high): A ReDoS (regular expression denial of service) flaw was found in the tough-cookie module before 2.3.3 for Node.js. An attacker that is able…
CVE-2023-26136 — CVSS 6.5 (medium): Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using…
CVE-2016-1000232 — CVSS 5.3 (medium): NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result…