Lucene search
K

45 matches found

Cvelist
Cvelist
added 2021/08/24 7:45 a.m.26 views

CVE-2021-23406 Remote Code Execution (RCE)

This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...

8.1CVSS9.7AI score0.02863EPSS
Exploits1References5
CVE
CVE
added 2021/08/24 7:45 a.m.97 views

CVE-2021-23406

Technical details about CVE-2021-23406 are not provided in the connected documents. Public details appear limited to the initial description. Monitor for updates from official advisories.

9.8CVSS8.8AI score0.02863EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/24 7:43 a.m.2 views

CVE-2021-23406

This affects the package pac-resolver before 5.0.0. This can occur when used with untrusted input, due to unsafe PAC file handling. NOTE: The fix for this vulnerability is applied in the node-degenerator library, a dependency written by the same maintainer...

9.8CVSS5.4AI score0.02863EPSS
Exploits1References6
CNNVD
CNNVD
added 2021/08/24 12:0 a.m.5 views

pac-resolver 安全漏洞

pac-resolver is a function that generates an asynchronous parser from a PAC file. A security vulnerability exists in pac-resolver versions prior to 5.0.0 that stems from the application of insecure PAC file handling, which may occur when used with untrusted input...

9.8CVSS8.5AI score0.02863EPSS
Exploits1References10
Snyk
Snyk
added 2021/05/30 1:37 p.m.3 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. This can occur when used with untrusted input, due to unsafe PAC file handling. In order to exploit this vulnerability in practice, this either requires an attacker on your local network, a specific vulnerable...

9.8CVSS9.4AI score0.02863EPSS
Exploits1References2
Rows per page
Query Builder