github-actions[bot]
commented
1 year ago Stale issue message
Open TheKingTermux opened 2 years ago
github-actions[bot]
commented
1 year ago Stale issue message
TheKingTermux
commented
1 year ago P
github-actions[bot]
commented
1 year ago Isu ini sudah tidak ada perkembangan
github-actions[bot]
commented
1 year ago Isu ini sudah tidak ada perkembangan
github-actions[bot]
commented
1 year ago Isu ini sudah tidak ada perkembangan
github-actions[bot]
commented
10 months ago Isu ini sudah tidak ada perkembangan
Description
Authorization Bypass Through User-Controlled Key in GitHub repository ionicabizau/parse-path prior to 5.0.0.
Severity Check
Severity Number
7.3
CVSS base metrics
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality Low
Integrity Low
Availability Low
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Weaknesses CWE-639
CVE ID CVE-2022-0624
GHSA ID GHSA-3j8f-xvm3-ffx4
Information
Package parse-path (npm)
Affected versions < 5.0.0
Patched versions 5.0.0
References
https://nvd.nist.gov/vuln/detail/CVE-2022-0624
IonicaBizau/parse-path@f9ad885
https://huntr.dev/bounties/afffb2bd-fb06-4144-829e-ecbbcbc85388