CVE-2020-10591

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-10591

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10591.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-10591

Aliases

GHSA-6566-9526-52v6

Published

2020-03-15T21:15:11Z

Modified

2024-05-14T07:31:18.831699Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in Walmart Labs Concord before 1.44.0. CORS Access-Control-Allow-Origin headers have a potentially unsafe dependency on Origin headers, and are not configurable. This allows remote attackers to discover host information, nodes, API metadata, and references to usernames via api/v1/apikey.

References

Affected packages

Git / github.com/walmartlabs/concord

Affected ranges

Type: GIT
Repo: https://github.com/walmartlabs/concord
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

364549337cddb33c835a7e774b73c8644ec46e6b

Affected versions

0.*

0.1.0

0.10.0

0.11.0

0.11.1

0.11.2

0.12.0

0.13.0

0.14.0

0.14.1

0.15.0

0.16.0

0.17.0

0.17.2

0.17.3

0.18.0

0.19.0

0.2.0

0.2.1

0.20.0

0.20.1

0.22.0

0.23.0

0.24.0

0.25.0

0.26.0

0.27.0

0.28.0

0.28.1

0.28.2

0.28.3

0.29.0

0.3.0

0.3.1

0.3.2

0.30.0

0.30.1

0.31.0

0.32.0

0.33.0

0.34.0

0.34.1

0.35.0

0.36.0

0.37.0

0.38.0

0.38.3

0.39.0

0.4.0

0.4.1

0.40.2

0.42.0

0.43.0

0.44.0

0.44.1

0.45.0

0.45.1

0.46.0

0.47.0

0.48.0

0.48.1

0.48.2

0.49.0

0.5.0

0.5.1

0.50.0

0.51.0

0.52.0

0.53.0

0.54.0

0.55.0

0.56.0

0.57.0

0.58.0

0.59.0

0.6.0

0.60.0

0.61.0

0.61.1

0.63.0

0.64.0

0.65.1

0.65.2

0.65.3

0.66.0

0.67.0

0.68.0

0.69.0

0.7.0

0.70.0

0.71.0

0.71.1

0.71.2

0.71.3

0.72.0

0.73.0

0.74.0

0.75.0

0.76.0

0.77.0

0.78.0

0.78.1

0.79.0

0.79.1

0.79.2

0.8.0

0.8.2

0.80.0

0.81.0

0.82.0

0.83.0

0.83.1

0.84.0

0.84.1

0.85.0

0.86.0

0.87.0

0.88.0

0.88.1

0.88.2

0.89.0

0.89.1

0.89.2

0.89.3

0.9.0

0.90.0

0.91.0

0.92.0

0.93.0

0.93.1

0.94.0

0.95.0

0.96.0

0.97.0

0.98.0

0.98.1

0.99.0

0.99.1

1.*

1.0.0

1.1.0

1.10.0

1.11.0

1.12.0

1.13.0

1.13.1

1.14.0

1.15.0

1.16.0

1.16.1

1.17.0

1.18.0

1.18.1

1.19.0

1.19.1

1.2.0

1.2.1

1.2.2

1.20.0

1.20.1

1.21.0

1.22.0

1.23.0

1.24.0

1.24.1

1.24.2

1.25.0

1.26.0

1.27.0

1.28.0

1.28.1

1.29.0

1.3.0

1.30.0

1.31.0

1.31.1

1.32.0

1.33.0

1.34.0

1.34.1

1.34.2

1.34.3

1.35.0

1.35.1

1.36.0

1.36.1

1.37.0

1.37.1

1.38.0

1.38.1

1.38.2

1.39.3

1.4.0

1.40.0

1.41.0

1.42.0

1.43.0

1.5.0

1.6.0

1.7.0

1.7.1

1.7.2

1.8.0

1.8.1

1.9.0