← Back

Isomorphic Git

isomorphic-git

2 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Isomorphic Git
isomorphic-git
1 CVE
Cors Proxy
cors-proxy
1 CVE

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-23664
1Isomorphic Git
1Cors Proxy
Nov 21, 2024
Jan 21, 2022
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
The package @isomorphic-git/cors-proxy before 2.7.1 are vulnerable to Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js.
CVE-2021-30483
1Isomorphic Git
1Isomorphic Git
Nov 21, 2024
Jul 30, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository.