1.1.35
7 years ago
25 days ago
Known vulnerabilities in the meshcentral package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
meshcentral is a Web based remote computer management server Affected versions of this package are vulnerable to Origin Validation Error within the An attacker can execute unauthorized commands or access sensitive information by convincing a victim to click on a malicious link to a page hosting an attacker-controlled site, which then allows the attacker to originate a cross-site websocket connection using client-side JavaScript to connect to How to fix Origin Validation Error? Upgrade | <1.1.21 |
meshcentral is a Web based remote computer management server Affected versions of this package are vulnerable to Use of a Cryptographic Primitive with a Risky Implementation due to the use of How to fix Use of a Cryptographic Primitive with a Risky Implementation? There is no fixed version for | >=0.0.0 |
meshcentral is a Web based remote computer management server Affected versions of this package are vulnerable to Improper Certificate Validation for SSL certificates. An attacker can intercept or manipulate secure communications by presenting a forged or self-signed certificate without being detected. How to fix Improper Certificate Validation? There is no fixed version for | * |
meshcentral is a Web based remote computer management server Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade'). An attacker can downgrade the cryptographic algorithm to a less secure one by manipulating the algorithm negotiation process. How to fix Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')? Upgrade | <1.1.17 |