Org.Webjars.Npm
Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:org.webjars.npm:sanitize-html:*:*:*:*:*:*:*:*
part: a version: sanitize-html update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Org.Webjars.Npm (1bfc0018-a693-5863-8d2a-88aebae96d1d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-21501 |
vulnerable | 2026-06-08 06:27:35.438318 |
Details available
MEDIUM (5.3)
Versions of the package sanitize-html before 2.12.1 are vulnerable to Information Exposure when used on the backend and with the style attribute allowed, allowing enumeration of files in the system (including project dependencies). An attacker could exploit this vulnerability to gather details about the file system structure and dependencies of the targeted server.
Published: 2024-02-24T05:00:02.731Z
Updated: 2025-02-13T17:33:15.082Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.