45 matches found
CVE-2021-23406 Remote Code Execution (RCE)
This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...
CVE-2021-23406
Technical details about CVE-2021-23406 are not provided in the connected documents. Public details appear limited to the initial description. Monitor for updates from official advisories.
CVE-2021-23406
This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...
pac-resolver 安全漏洞
pac-resolver is a function that generates an asynchronous parser from a PAC file. A security vulnerability exists in pac-resolver versions prior to 5.0.0 that stems from the application of insecure PAC file handling, which may occur when used with untrusted input...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. This can occur when used with untrusted input, due to unsafe PAC file handling. In order to exploit this vulnerability in practice, this either requires an attacker on your local network, a specific vulnerable...