CVE-2021-4258

CVSS V2 None CVSS V3 None

Description

** DISPUTED ** A vulnerability was found in whohas. It has been rated as problematic. This issue affects some unknown processing of the component Package Information Handler. The manipulation leads to cleartext transmission of sensitive information. The attack may be initiated remotely. The real existence of this vulnerability is still doubted at the moment. The name of the patch is 667c3e2e9178f15c23d7918b5db25cd0792c8472. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216251. NOTE: Most sources redirect to the encrypted site which limits the possibilities of an attack.

Overview

CVE ID
CVE-2021-4258

Assigner
cna@vuldb.com

Vulnerability Status
Analyzed

Published Version
2022-12-19T14:15:10

Last Modified Date
2022-12-27T17:58:42

Weakness Enumerations

CWE	URL
CWE-319	http://cwe.mitre.org/data/definitions/319.html
CWE-310	http://cwe.mitre.org/data/definitions/310.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:whohas_project:whohas::::::::	1	OR		2021-11-01

References

Reference URL	Reference Tags
https://github.com/whohas/whohas/commit/667c3e2e9178f15c23d7918b5db25cd0792c8472
https://vuldb.com/?id.216251

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2021-4258
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4258

History

Created	Old Value	New Value	Data Type	Notes
2022-12-19 16:16:46				Added to TrackCVE
2022-12-21 17:15:06	2022-12-19T14:15:10.383	2022-12-19T14:15:10	CVE Published Date	updated
2022-12-21 17:15:06		2022-12-19T14:18:27	CVE Modified Date	updated
2022-12-21 17:15:06	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2022-12-27 18:18:17		2022-12-27T17:58:42	CVE Modified Date	updated
2022-12-27 18:18:17	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2022-12-27 18:18:19			Weakness Enumeration	update
2022-12-27 18:18:21			CPE Information	updated