Low severityNVD Advisory· Published Feb 16, 2021· Updated Aug 3, 2024
CVE-2021-20066
CVE-2021-20066
Description
JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
jsdomnpm | < 16.5.0 | 16.5.0 |
Affected products
1Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-f4c9-cqv8-9v98ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-20066ghsaADVISORY
- github.com/jsdom/jsdom/issues/3124ghsaWEB
- github.com/jsdom/jsdom/issues/3124ghsax_refsource_MISCWEB
- security.snyk.io/vuln/SNYK-JS-JSDOM-1075447ghsaWEB
- www.tenable.com/security/research/tra-2021-05ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.