A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected is the function messageReceived of the file src/gribbit/request/HttpRequestHandler.java. The manipulation leads to missing origin validation in websockets. The name of the patch is 620418df247aebda3dd4be1dda10fe229ea505dd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217716.
References
Link | Resource |
---|---|
https://github.com/lukehutch/gribbit/commit/620418df247aebda3dd4be1dda10fe229ea505dd | Patch Third Party Advisory |
https://vuldb.com/?ctiid.217716 | Third Party Advisory |
https://vuldb.com/?id.217716 | Third Party Advisory |
Configurations
History
11 Apr 2024, 00:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
13 Jan 2023, 18:31
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CWE | CWE-346 | |
First Time |
Gribbit Project gribbit
Gribbit Project |
|
CPE | cpe:2.3:a:gribbit_project:gribbit:*:*:*:*:*:*:*:* | |
References | (MISC) https://vuldb.com/?id.217716 - Third Party Advisory | |
References | (MISC) https://github.com/lukehutch/gribbit/commit/620418df247aebda3dd4be1dda10fe229ea505dd - Patch, Third Party Advisory | |
References | (MISC) https://vuldb.com/?ctiid.217716 - Third Party Advisory |
09 Jan 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-09 21:15
Updated : 2024-04-11 00:51
NVD link : CVE-2014-125071
Mitre link : CVE-2014-125071
CVE.ORG link : CVE-2014-125071
JSON object : View
Products Affected
gribbit_project
- gribbit