exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2021-23384

больше 4 лет назад

The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::removeTrailingSlashes(), as the web server uses relative URLs instead of absolute URLs.

CVSS3: 5.4

EPSS: Низкий

GHSA-r773-pmw3-f4mr

почти 4 года назад

Open Redirect in koa-remove-trailing-slashes

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2021-23384 The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to Open Redirect via the use of trailing double slashes in the URL when accessing the vulnerable endpoint (such as https://example.com//attacker.example/). The vulnerable code is in index.js::removeTrailingSlashes(), as the web server uses relative URLs instead of absolute URLs.	CVSS3: 5.4	0% Низкий	больше 4 лет назад
	GHSA-r773-pmw3-f4mr Open Redirect in koa-remove-trailing-slashes	CVSS3: 5.4	0% Низкий	почти 4 года назад

Уязвимостей на страницу