2 matches found
CVE-2021-23664
CVE-2021-23664 affects @isomorphic-git/cors-proxy before 2.7.1. The vulnerability is Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js. Exploitation details and public disclosures are present in connected advisories (GHSA/Snyk...
CVE-2021-23664 Server-side Request Forgery (SSRF)
The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery SSRF due to missing sanitization and validation of the redirection action in middleware.js...