Vulnerability Details CVE-2021-21421
node-etsy-client is a NodeJs Etsy ReST API Client. Applications that are using node-etsy-client and reporting client error to the end user will offer api key value too This is fixed in node-etsy-client v0.3.0 and later.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 4.0
References
- https://github.com/creharmony/node-etsy-client/commit/b4beb8ef080366c1a87dbf9e163051a446acaa7d
- https://github.com/creharmony/node-etsy-client/security/advisories/GHSA-xw22-wv29-3299
- https://github.com/creharmony/node-etsy-client/commit/b4beb8ef080366c1a87dbf9e163051a446acaa7d
- https://github.com/creharmony/node-etsy-client/security/advisories/GHSA-xw22-wv29-3299
Products affected by CVE-2021-21421
-
cpe:2.3:a:node-etsy-client_project:node-etsy-client:0.0.1
-
cpe:2.3:a:node-etsy-client_project:node-etsy-client:0.1.0
-
cpe:2.3:a:node-etsy-client_project:node-etsy-client:0.1.1
-
cpe:2.3:a:node-etsy-client_project:node-etsy-client:0.2.0
-
cpe:2.3:a:node-etsy-client_project:node-etsy-client:0.3.0