Lucene search
Veracode Vulnerability DatabaseVERACODE:31553HistoryAug 11, 2021 - 2:34 a.m.
Privilege Escalation
2021-08-1102:34:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
privilege escalation
serverless-offline
createauthscheme
createauthscheme.js
access control
http status code
web content
malicious url
EPSS
0.007
Percentile
80.7%
serverless-offline is vulnerable to privilege escalation. The vulnerability exists in createAuthScheme function of createAuthScheme.js due to an insecure access control from a misinterpreted HTTP status code which allows an attacker to download a web content page via malicious URL.
Related
prion
prion
Improper access control
2021-08-10 18:15:00
osv
osv
CVE-2021-38384
2021-08-10 18:15:07
Incorrect Authorization in serverless-offline
2021-09-01 18:32:22
github
github
Incorrect Authorization in serverless-offline
2021-09-01 18:32:22
nvd
nvd
CVE-2021-38384
2021-08-10 18:15:07
cve
cve
CVE-2021-38384
2021-08-10 18:15:07
cvelist
cvelist
CVE-2021-38384
2021-08-10 17:35:41