GHSA-f4c9-cqv8-9v98

Опубликовано: 24 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 0

Описание

Withdrawn Advisory: Insufficient Granularity of Access Control in JSDom

Withdrawn Advisory

This advisory has been withdrawn because the user must configure jsdom to allow access to local files.

Original Description

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

Ссылки

Пакеты

Наименование

jsdom

npm

Затронутые версииВерсия исправления

<= 16.4.0

16.5.0

EPSS

Процентиль: 59%

0.00378

Низкий

0 Low

CVSS3

CVE ID

CVE-2021-20066

Дефекты

CWE-1220

Связанные уязвимости

CVE-2021-20066

CVSS3: 5.6

ubuntu

почти 5 лет назад

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

CVE-2021-20066

CVSS3: 5.6

redhat

почти 5 лет назад

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

CVE-2021-20066

CVSS3: 5.6

nvd

почти 5 лет назад

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

CVE-2021-20066

CVSS3: 5.6

debian

почти 5 лет назад

JSDom improperly allows the loading of local resources, which allows f ...

EPSS

Процентиль: 59%

0.00378

Низкий

0 Low

CVSS3

CVE ID

CVE-2021-20066

Дефекты

CWE-1220