CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Serverless Offline Project: Security Vulnerabilities

CVE-2021-38384

Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect access control, because the actual behavior within the Amazon AWS environment is a 200 HTTP status code (i.e., possibly greater than expected permissions).

CVSS Score

9.8

EPSS Score

0.003

Published

2021-08-10

Page 1

Vulnerabilities

Vulnerable Software

Serverless Offline Project: Security Vulnerabilities

Products

Pricing

Contact Us