Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 1:20 a.m.14 views

CVE-2022-21671

@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...

8.1CVSS6.2AI score0.0112EPSS
Exploits0References1
Circl
Circl
added 2022/01/11 6:15 p.m.7 views

CVE-2022-21671

creationtimestamp| type| source ---|---|--- 2022-01-11 18:15:57+00:00| seen| https://t.me/cibsecurity/35248...

8.1CVSS7AI score0.0112EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/01/11 3:5 p.m.6 views

CVE-2022-21671 Potential exposure of Replit tokens to an Unauthorized Actor in @replit/crosis

@replit/crosis is a JavaScript client that speaks Replit's container protocol. A vulnerability that involves exposure of sensitive information exists in versions prior to 7.3.1. When using this library as a way to programmatically communicate with Replit in a standalone fashion, if there are...

8.1CVSS6.6AI score0.0112EPSS
Exploits0References2
CVE
CVE
added 2022/01/11 3:5 p.m.91 views

CVE-2022-21671

The CVE-2022-21671 issue affects @replit/crosis (JavaScript client for Replit’s container protocol) in versions before 7.3.1. When multiple WebSocket contact attempts fail, the client falls back to a polling proxy whose URL may route to an untrusted server, enabling an attacker to obtain the Repl...

8.1CVSS6.6AI score0.0112EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder