Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-26136 PoC — tough-cookie 安全漏洞

Source
https://github.com/dani33339/tough-cookie-SealSecurity
Associated Vulnerability
Title:tough-cookie 安全漏洞 (CVE-2023-26136)
Description:Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
Description
CVE-2023-26136 vulnerability research
File Snapshot

 [4.0K]  /data/pocs/0c255b76e11adeeb39f9989ec955d89766ca9e68
├── [6.7K]  changes.diff
├── [ 684]  index.js
├── [  57]  package.json
├── [1.3K]  package-lock.json
├── [4.0K]  tough-cookie
└── [ 25K]  tough-cookie-2.5.0-PATCHED.tgz

1 directory, 5 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →