CVE STALKER

CVE-2021-23410

CVSS
DESCRIPTIONAll versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the unpack function.
HEAT SCORE125

WORDS

TWEETS

DATE TWEETS USER
2021-09-14 05:50:38CVE-2021-23410 はrevokeされたんだけど、結局GitHub Advisory Databaseには登録されてしまって「コンプラのためにmsgpack-nodeを捨てないといけなくてmsgpack-javascri… https://t.co/L81YbtTXV9 https://twitter.com/i/web/status/1437653446362943491__gfx__
2021-08-04 00:50:12CVE-2021-23410 はリジェクトされました。Snyk自体が取り下げたためです。 https://t.co/Ha5t3KB8OO https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23410__gfx__
2021-07-29 19:10:15New post from https://t.co/9KYxtdZjkl (CVE-2021-23410 (msgpack)) has been published on https://t.co/MsLzPr0Pau http://www.sesin.at https://www.sesin.at/2021/07/29/cve-2021-23410-msgpack/www_sesin_at
2021-07-29 19:10:11New post from https://t.co/uXvPWJy6tj (CVE-2021-23410 (msgpack)) has been published on https://t.co/iDV1zlzWvD http://www.sesin.at https://www.sesin.at/2021/07/29/cve-2021-23410-msgpack/WolfgangSesin
2021-07-29 17:10:18🚨 NEW: CVE-2021-23410 🚨 All versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the… https://t.co/2TeZMKGft8 https://twitter.com/i/web/status/1420791380394319878threatintelctr
2021-07-26 22:10:06この件だけど、Snykのひとからの返信あって CVE-2021-23410 は取り下げると同時に不手際を謝罪するとのこと。同じような内容のメールを msgpack-javascript のメンテナーとして受け取った。 https://t.co/BWcLI5W5BY https://github.com/msgpack/msgpack-node/issues/56#issuecomment-886763790__gfx__
2021-07-26 10:00:07New post from https://t.co/uXvPWJy6tj (msgpack Unpack deserialization [CVE-2021-23410]) has been published on https://t.co/gDcohsCW7I http://www.sesin.at https://www.sesin.at/2021/07/26/msgpack-unpack-deserialization-cve-2021-23410/WolfgangSesin
2021-07-26 10:00:06New post from https://t.co/9KYxtdZjkl (msgpack Unpack deserialization [CVE-2021-23410]) has been published on https://t.co/4dNNfidXLB http://www.sesin.at https://www.sesin.at/2021/07/26/msgpack-unpack-deserialization-cve-2021-23410/www_sesin_at
2021-07-24 01:40:28CVE-2021-23410 の reject request を出しました。参考: https://t.co/AWXTizrEB1 https://gist.github.com/gfx/230010980c04415bb602afdfd5165ed8__gfx__
2021-07-24 00:30:11ぼくの返信はこういうやつでした。PoC codeは CVE-2021-23410 とほぼ同じ(PoC codeがそもそも間違ってるのでかなりハイコンテキストです)。 https://t.co/x52ksyQco6 https://gist.github.com/gfx/5fda15840ce15df7267625cac010f23e__gfx__
2021-07-24 00:21:13この CVE-2021-23410 、完全に報告者の誤解で脆弱性ではないんだけど、CVEって第三者が検証したりしないの? nodejs用の mspgack module の脆弱性と報告されてるけど、そもそも JSON.parse… https://t.co/tOF47Qndnl https://twitter.com/i/web/status/1418725741324247041__gfx__
2021-07-23 20:01:13New post from https://t.co/uXvPWJy6tj (CVE-2021-23410) has been published on https://t.co/xpH44IEpPO http://www.sesin.at https://www.sesin.at/2021/07/23/cve-2021-23410/WolfgangSesin
2021-07-23 20:01:09New post from https://t.co/9KYxtdZjkl (CVE-2021-23410) has been published on https://t.co/ObJKtzYlHp http://www.sesin.at https://www.sesin.at/2021/07/23/cve-2021-23410/www_sesin_at
2021-07-21 21:20:18CVE-2021-23410 shall henceforth be named Newsworthy Celesta https://t.co/LExo8fPRJa https://nvd.nist.gov/vuln/detail/CVE-2021-23410vulnonym
2021-07-21 19:10:21CVE-2021-23410 All versions of package msgpack are vulnerable to Deseria... https://t.co/bFP5awDMnC Don't wait v… https://t.co/HcVgWM2XvO http://vulmon.com/vulnerabilitydetails?qid=CVE-2021-23410 https://twitter.com/i/web/status/1417923632551104517VulmonFeeds
2021-07-21 17:50:11CVE-2021-23410 All versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the unpack f… https://t.co/6WLRSFLXjo https://twitter.com/i/web/status/1417903535421800458CVEnew
2021-07-21 17:40:20🚨 NEW: CVE-2021-23410 🚨 All versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the… https://t.co/KQOkZ7bl9j https://twitter.com/i/web/status/1417899790847856641threatintelctr
2021-07-21 16:50:22CVE-2021-23410 : All versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the unpack… https://t.co/ix3LVGtIVV https://twitter.com/i/web/status/1417889376101617676CVEreport