Lucene search
GoogleOSV:GHSA-2V5F-23XC-V9QRHistoryMar 11, 2021 - 10:50 p.m.
ansi_up cross-site scripting vulnerability
2021-03-1122:50:39
Google
osv.dev
11
npm package
ansi escape codes
html hyperlinks
cross-site scripting vulnerability
url sanitization
software
EPSS
0.001
Percentile
48.0%
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.
Related
osv
osv
CVE-2021-3377
2021-03-05 21:15:13
nvd
nvd
CVE-2021-3377
2021-03-05 21:15:13
prion
prion
Cross site scripting
2021-03-05 21:15:00
cve
cve
CVE-2021-3377
2021-03-05 21:15:13
ubuntucve
ubuntucve
CVE-2021-3377
2021-03-05 00:00:00
github
github
ansi_up cross-site scripting vulnerability
2021-03-11 22:50:39
veracode
veracode
Cross-Site Scripting (XSS)
2021-03-08 04:43:57
Cross-site Scripting(XSS)
2021-03-07 17:06:53
cvelist
cvelist
CVE-2021-3377
2021-03-05 19:03:58
nuclei
nuclei
npm ansi_up v4 - Cross-Site Scripting
2021-07-26 17:18:45
redhatcve
redhatcve
CVE-2021-3377
2021-03-08 13:33:25
debiancve
debiancve
CVE-2021-3377
2021-03-05 21:15:13
ibm
ibm
redhat
redhat