exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2024-21501

почти 2 года назад

Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-21501

почти 2 года назад

Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-21501

почти 2 года назад

Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.

CVSS3: 5.3

EPSS: Низкий

CVE-2024-21501

почти 2 года назад

Versions of the package sanitize-html before 2.12.1 are vulnerable to ...

CVSS3: 5.3

EPSS: Низкий

GHSA-rm97-x556-q36h

почти 2 года назад

sanitize-html Information Exposure vulnerability

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-21501 Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.	CVSS3: 5.3	1% Низкий	почти 2 года назад
CVE-2024-21501 Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.	CVSS3: 5.3	1% Низкий	почти 2 года назад
CVE-2024-21501 Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.	CVSS3: 5.3	1% Низкий	почти 2 года назад
CVE-2024-21501 Versions of the package sanitize-html before 2.12.1 are vulnerable to ...	CVSS3: 5.3	1% Низкий	почти 2 года назад
GHSA-rm97-x556-q36h sanitize-html Information Exposure vulnerability	CVSS3: 5.3	1% Низкий	почти 2 года назад

Уязвимостей на страницу