GHSA-8wrg-m8vm-5fvj

Опубликовано: 15 фев. 2022

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server

Impact

Authentication Bypass by Primary Weakness (CWE-305)

Commit:

https://github.com/kongchuanhujiao/server/commit/9a125624f219e496bdf4b07b404816d5a309bdc1

ALL Users is impacted.

Patches

Yes, PLEASE UPGRADE TO v1.3.21-beta.d0ffc0a6

Ссылки

Пакеты

Наименование

github.com/kongchuanhujiao/server

Затронутые версииВерсия исправления

< 1.3.21

1.3.21

EPSS

Процентиль: 57%

0.00353

Низкий

7.5 High

CVSS3

CVE ID

CVE-2021-21403

Дефекты

CWE-287

CWE-305

Связанные уязвимости

CVE-2021-21403

CVSS3: 7.5

nvd

почти 5 лет назад

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.

EPSS

Процентиль: 57%

0.00353

Низкий

7.5 High

CVSS3

CVE ID

CVE-2021-21403

Дефекты

CWE-287

CWE-305