Lucene search

CVE-2021-29452

🗓️ 16 Apr 2021 22:14:15Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 9 Media mentions👁 68 Views

a12n-server npm package v0.18.0 allows unauthorized user editin

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
NVD	CVE-2021-29452	16 Apr 202122:15	–	nvd
OSV	Any logged in user could edit any other logged in user.	19 Apr 202115:14	–	osv
OSV	CVE-2021-29452	16 Apr 202122:15	–	osv
Cvelist	CVE-2021-29452 Any logged in user could edit any other logged in user.	16 Apr 202121:35	–	cvelist
Github Security Blog	Any logged in user could edit any other logged in user.	19 Apr 202115:14	–	github
Prion	Authentication flaw	16 Apr 202122:15	–	prion
Veracode	Insecure Access Controls	19 Apr 202106:09	–	veracode

Nvd

Vulners

Node

curveballjs a12n-serverRange0.18.0–0.18.2node.js

[
  {
    "product": "a12n-server",
    "vendor": "curveball",
    "versions": [
      {
        "status": "affected",
        "version": ">= 0.18 < 0.18.2"
      }
    ]
  }
]

Source	Link
npmjs	www.npmjs.com/package/%40curveball/a12n-server
github	www.github.com/curveball/a12n-server/security/advisories/GHSA-8hw9-22v6-9jr9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Apr 2021 22:15Current

7High risk

Vulners AI Score7

CVSS24

CVSS36.5 - 8.1

EPSS0.00248