Security Advisory

CVE-2021-23444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-21 16:55:26

Last updated 2024-09-16 20:58:36

Assigner snyk

State PUBLISHED

Description

This affects the package jointjs before 3.4.2. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the path parameter are arrays in the setByPath function.

← Browse all CVEs View on cve.org ↗