cve/CVE-2021-23624.md at ae7c8ffaeab2dbdfe8daabfe5c8c852b33cc867f

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

687 B

Raw Blame History

CVE-2021-23624

Description

This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays.

POC

Reference

https://snyk.io/vuln/SNYK-JS-DOTTY-1577292

Github

https://github.com/dellalibera/dellalibera

687 B Raw Blame History

CVE-2021-23624

Description

POC

Reference

Github

687 B

Raw Blame History