CVE-2021-21403

2021-03-2618:15:12

Google

osv.dev

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.5%

JSON

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.

CPENameOperatorVersion
provinceservereq1.3.19-beta.6aa12b39
provinceservereq1.3.17-beta.af5ef140
provinceservereq1.3.16-beta.3638d0c5

Name	Operator	Version
provinceserver	eq	1.3.19-beta.6aa12b39
provinceserver	eq	1.3.17-beta.af5ef140
provinceserver	eq	1.3.16-beta.3638d0c5

References

github.com/kongchuanhujiao/server/commit/9a125624f219e496bdf4b07b404816d5a309bdc1

github.com/kongchuanhujiao/server/security/advisories/GHSA-8wrg-m8vm-5fvj