VYPR

npm package

meshcentral

pkg:npm/meshcentral

Vulnerabilities (4)

  • CVE-2024-26135Feb 20, 2024
    affected < 1.1.21fixed 1.1.21

    MeshCentral is a full computer management web site. Versions prior to 1.1.21 a cross-site websocket hijacking (CSWSH) vulnerability within the control.ashx endpoint. This component is the primary mechanism used within MeshCentral to perform administrative actions on the server. T

  • CVE-2023-51838Feb 2, 2024
    affected <= 1.1.16

    Ylianst MeshCentral 1.1.16 suffers from Use of a Broken or Risky Cryptographic Algorithm.

  • CVE-2023-51837Jan 30, 2024
    affected <= 1.1.16

    Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation.

  • CVE-2023-51842Jan 29, 2024
    affected < 1.1.17fixed 1.1.17

    An algorithm-downgrade issue was discovered in Ylianst MeshCentral 1.1.16.