Lucene search
PRIOn knowledge basePRION:CVE-2021-31597HistoryApr 23, 2021 - 12:15 a.m.
Input validation
2021-04-2300:15:00
PRIOn knowledge base
www.prio-n.com
2
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xmlhttprequest-ssl | lt | 1.6.1 |
Related
veracode
veracode
Certificate Validation Bypass
2021-04-26 07:32:42
osv
osv
CVE-2021-31597
2021-04-23 00:15:08
Improper Certificate Validation in xmlhttprequest-ssl
2021-05-24 19:52:55
cve
cve
CVE-2021-31597
2021-04-23 00:15:08
debiancve
debiancve
CVE-2021-31597
2021-04-23 00:15:08
nvd
nvd
CVE-2021-31597
2021-04-23 00:15:08
redhatcve
redhatcve
CVE-2021-31597
2021-04-23 19:43:41
github
github
Improper Certificate Validation in xmlhttprequest-ssl
2021-05-24 19:52:55
ubuntucve
ubuntucve
CVE-2021-31597
2021-04-23 00:00:00
ibm
ibm
nodejs
nodejs
Improper Verification of Cryptographic Signature
2021-05-24 19:56:34
cvelist
cvelist
CVE-2021-31597
2021-04-22 23:52:48