CVE-2021-21403: Authentication Bypass by Primary Weakness

February 15, 2022 (updated April 12, 2022)

In github.com/kongchuanhujiao/server before version 1.3.21 there is an authentication Bypass by Primary Weakness vulnerability. All users are impacted. This is fixed in version 1.3.21.

References

github.com/advisories/GHSA-8wrg-m8vm-5fvj
github.com/kongchuanhujiao/server/commit/9a125624f219e496bdf4b07b404816d5a309bdc1
github.com/kongchuanhujiao/server/security/advisories/GHSA-8wrg-m8vm-5fvj
nvd.nist.gov/vuln/detail/CVE-2021-21403

Code Behaviors & Features

Detect and mitigate CVE-2021-21403 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →