Critical severityNVD Advisory· Published Aug 7, 2021· Updated Aug 4, 2024
CVE-2021-38148
CVE-2021-38148
Description
Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
obsidiannpm | < 0.12.12 | 0.12.12 |
Affected products
2- Obsidian/Obsidiandescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.