CVE-2021-20066: Insufficient Granularity of Access Control in JSDom
(updated )
JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.
References
Detect and mitigate CVE-2021-20066 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →