[Epel-packagers-sig] [Bug 2220682] New: CVE-2023-26136 yarnpkg: tough-cookie: prototype pollution in cookie memstore [fedora-all]

Wednesday, 5 July 2023

https://bugzilla.redhat.com/show_bug.cgi?id=2220682

            Bug ID: 2220682
           Summary: CVE-2023-26136 yarnpkg: tough-cookie: prototype
                    pollution in cookie memstore [fedora-all]
           Product: Fedora
           Version: 38
            Status: NEW
         Component: yarnpkg
          Keywords: Security, SecurityTracking
          Severity: medium
          Priority: medium
          Assignee: zsvetlik(a)redhat.com
          Reporter: ahanwate(a)redhat.com
        QA Contact: extras-qa(a)fedoraproject.org
                CC: epel-packagers-sig(a)lists.fedoraproject.org,
                    manisandro(a)gmail.com, ngompa13(a)gmail.com,
                    zsvetlik(a)redhat.com
  Target Milestone: ---
    Classification: Fedora

More information about this security flaw is available in the following bug:

http://bugzilla.redhat.com/show_bug.cgi?id=2219310

Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2220682

Report this comment as SPAM:
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=rep...

2024

2023

2022

2021

[Epel-packagers-sig] [Bug 2220682] New: CVE-2023-26136 yarnpkg: tough-cookie: prototype pollution in cookie memstore [fedora-all]