CVE-2020-8910

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-8910

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8910.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-8910

Aliases

GHSA-vh5w-fg69-rc8m

Related

UBUNTU-CVE-2020-8910

Published

2020-03-26T12:15:12Z

Modified

2025-01-15T01:47:18.098320Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224 allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. Mitigation: update your library to version v20200315.

References

Affected packages

Git / github.com/google/closure-library

Affected ranges

Type: GIT
Repo: https://github.com/google/closure-library
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

294fc00b01d248419d8f8de37580adf2a0024fc9

Fixed

294fc00b01d248419d8f8de37580adf2a0024fc9

Affected versions

Other

20160208

v20160106

v20160119

v20160125

v20160315

v20160517

v20160619

v20160713

v20160822

v20160911

v20161024

v20161201

v20170124

v20170218

v20170409

v20170521

v20170626

v20170806

v20170910

v20171112

v20171203

v20180204

v20180405

v20180506

v20180716

v20180805

v20180910

v20190121

v20190215

v20190301

v20190325

v20190415

v20190513

v20190528

v20190618

v20190709

v20190729

v20190819

v20190909

v20190929

v20191027

v20191111

v20200101

v20200112

v20200204

v20200224