4 matches found
CVE-2022-21671
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
CVE-2022-21671
creationtimestamp| type| source ---|---|--- 2022-01-11 18:15:57+00:00| seen| https://t.me/cibsecurity/35248...
CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis
@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...
CVE-2022-21671
The CVE-2022-21671 issue affects @replit/crosis (JavaScript client for Replit’s container protocol) in versions before 7.3.1. When multiple WebSocket contact attempts fail, the client falls back to a polling proxy whose URL may route to an untrusted server, enabling an attacker to obtain the Repl...