CVE-2021-4162: archivy is vulnerable to Cross-Site Request Forgery (CSRF)
archivy is vulnerable to Cross-Site Request Forgery (CSRF). There is a fix available in the master branch.
References
- github.com/advisories/GHSA-9236-8w7q-rmrv
- github.com/archivy/archivy
- github.com/archivy/archivy/commit/796c3ae318eea183fc88c87ec5a27355b0f6a99d
- github.com/archivy/archivy/releases/tag/v1.6.2
- github.com/pypa/advisory-database/tree/main/vulns/archivy/PYSEC-2021-869.yaml
- huntr.dev/bounties/e204a768-2129-4b6f-abad-e436309c7c32
- nvd.nist.gov/vuln/detail/CVE-2021-4162