Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-43861

Опубликовано: 30 дек. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5
CVSS3: 7.2

Описание

Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 to receive a patch. There are no known workarounds aside from upgrading.

РелизСтатусПримечание
devel

DNE

esm-apps/jammy

needs-triage

hirsute

ignored

end of life
impish

ignored

end of life
jammy

needs-triage

kinetic

ignored

end of life, was needs-triage
lunar

DNE

mantic

DNE

noble

DNE

oracular

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 61%
0.00411
Низкий

3.5 Low

CVSS2

7.2 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-43861

CVSS3: 7.2
nvd
около 4 лет назад

Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. Prior to version 8.13.8, malicious diagrams can run javascript code at diagram readers' machines. Users should upgrade to version 8.13.8 to receive a patch. There are no known workarounds aside from upgrading.

debian логотип

CVE-2021-43861

CVSS3: 7.2
debian
около 4 лет назад

Mermaid is a Javascript based diagramming and charting tool that uses ...

github логотип

GHSA-p3rp-vmj9-gv6v

CVSS3: 7.2
github
около 4 лет назад

Incorrect sanitisation function leads to `XSS` in mermaid

EPSS

Процентиль: 61%
0.00411
Низкий

3.5 Low

CVSS2

7.2 High

CVSS3