Описание
Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0.
Релиз | Статус | Примечание |
---|---|---|
devel | not-affected | 4.21.0+~cs8.36.26-2 |
esm-apps/bionic | released | 4.1.1~dfsg-1ubuntu0.18.04.1~esm1 |
esm-apps/focal | released | 4.17.1-2ubuntu0.1~esm1 |
esm-apps/jammy | released | 4.17.3+~4.17.13-1ubuntu0.1~esm1 |
esm-apps/noble | released | 4.19.2+~cs8.36.21-1ubuntu0.1~esm1 |
esm-apps/xenial | released | 4.1.1~dfsg-1ubuntu0.16.04.1~esm1 |
focal | ignored | end of standard support, was needs-triage |
jammy | needed | |
noble | needed | |
oracular | released | 4.19.2+~cs8.36.26-1ubuntu0.1 |
Показывать по
5 Medium
CVSS3
Связанные уязвимости
Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0.
Express.js minimalist web framework for node. In express < 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect() may execute untrusted code. This issue is patched in express 4.20.0.
Express.js minimalist web framework for node. In express < 4.20.0, pas ...
5 Medium
CVSS3