CVE-2021-4260

Опубликовано: 19 дек. 2022

Источник: nvd

CVSS3: 6.3

CVSS3: 6.1

EPSS Низкий

Описание

A vulnerability was found in oils-js. It has been declared as critical. This vulnerability affects unknown code of the file core/Web.js. The manipulation leads to open redirect. The attack can be initiated remotely. The name of the patch is fad8fbae824a7d367dacb90d56cb02c5cb999d42. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216268.

Ссылки

https://github.com/mannyvergel/oils-js/commit/fad8fbae824a7d367dacb90d56cb02c5cb999d42
Patch
Third Party Advisory
https://vuldb.com/?id.216268
Third Party Advisory
https://github.com/mannyvergel/oils-js/commit/fad8fbae824a7d367dacb90d56cb02c5cb999d42
Patch
Third Party Advisory
https://vuldb.com/?id.216268
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oils-js_project:oils-js:*:*:*:*:*:node.js:*:*

Версия до 2021-03-23 (исключая)

EPSS

Процентиль: 37%

0.0016

Низкий

6.3 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-601

Связанные уязвимости

GHSA-v279-v2xm-whq9

CVSS3: 6.3

github

около 3 лет назад

Oils JS vulnerable to Open Redirect

EPSS

Процентиль: 37%

0.0016

Низкий

6.3 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-601