Filtered by vendor Isomorphic-git
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30483 | 1 Isomorphic-git | 1 Isomorphic-git | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.
|
|||||
| CVE-2021-23664 | 1 Isomorphic-git | 1 Cors-proxy | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
|
The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.
|
|||||