CVE-2016-1000232

Related Files

Red Hat Security Advisory 2017-2912-01

Posted Oct 18, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2912-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs4-nodejs-tough-cookie. Security Fix: Regular expression denial of service flaws were found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.

tags | advisory, web, denial of service

systems | linux, redhat

advisories | CVE-2016-1000232, CVE-2017-15010

SHA-256 | 15d05375027e414524dfcc71c88c277757bdd2644e884d5051db86ec3f021974

Download | Favorite | View

Red Hat Security Advisory 2016-2101-01

Posted Oct 27, 2016

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2101-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.

tags | advisory, web, denial of service

systems | linux, redhat

advisories | CVE-2016-1000232, CVE-2016-5325

SHA-256 | 0c1b4ed27f0d1db4f3edc634e7d5fccb7e419a267e21c9074481e69ff631e66b

Download | Favorite | View