WhiteSource Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2019-0066

Good to know:

icon
icon

Date: April 27, 2019

Versions of ecstatic prior to 4.1.2 fails to validate redirects, allowing attackers to craft requests that result in an HTTP 301 redirect to any other domains.

Language: Java

Severity Score

Related Resources (4)

https://www.npmjs.com/advisories/830
https://github.com/jfhbrook/node-ecstatic/commit/be6fc25a826f190b67f4d16158f9d67899e38ee4
https://www.whitesourcesoftware.com/vulnerability-database/WS-2019-0066
https://resources.whitesourcesoftware.com/top-vulnerabilities/top-5-open-source-vulnerabilities-for-may-2019

Severity Score

Top Fix

icon

Upgrade Version

Upgrade to version 4.1.2

Learn More

CVSS v2

Base Score:
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):
Integrity (I):
Availability (A):
Additional information:

Do you need more information?

Contact Us