Open RobertMickleCx opened 1 year ago
Vulnerable Package issue exists @ Npm-tunnel-agent-0.4.3 in branch master
Tunnel-agent is vulnerable to memory exposure. This is exploitable if user supplied input is provided to the auth value and is a number.
Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: 421abb05-2701-4c6b-8cb3-89f91b91b3aa Branch: master Application: NodeGoat Severity: HIGH State: NOT_IGNORED Status: RECURRENT CWE: CWE-200
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: HIGH Availability impact: NONE
References Advisory Commit POC/Exploit
Vulnerable Package issue exists @ Npm-tunnel-agent-0.4.3 in branch master
Tunnel-agent is vulnerable to memory exposure. This is exploitable if user supplied input is provided to the auth value and is a number.
Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: 421abb05-2701-4c6b-8cb3-89f91b91b3aa Branch: master Application: NodeGoat Severity: HIGH State: NOT_IGNORED Status: RECURRENT CWE: CWE-200
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: HIGH Availability impact: NONE
References Advisory Commit POC/Exploit