CVE-2021-3731

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-3731

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3731.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-3731

Related

Published

2021-08-23T13:15:08Z

Modified

2024-11-17T05:49:56.988236Z

Severity

4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.

References

Affected packages

Debian:11 / ledgersmb

Package

Name: ledgersmb
Purl: pkg:deb/debian/ledgersmb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.9+ds-2+deb11u2

Affected versions

1.*

1.6.9+ds-2

1.6.9+ds-2+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / ledgersmb

Package

Name: ledgersmb
Purl: pkg:deb/debian/ledgersmb?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.6.9+ds-2.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/ledgersmb/ledgersmb

Affected ranges

Type: GIT
Repo: https://github.com/ledgersmb/ledgersmb
Events: Introduced

9e949f0dbdcfd21ae397f44b91c28e01ef5f9817

Last affected

08762c39957a3edd025d245dbfb253613c39da30

Introduced

8f505d3e6fd0b4004ec35aa5b7c0769107c28a9e

Last affected

26d278b955f676edf6567aa1a0057ce5464ebe13

Introduced

5fb87569525daa80b39f08bd61dfaf041dca6519

Last affected

847ab6aabd2e64f286a867a5dbfd2bca3a382997

Introduced

556e093b59d91afa384f882c31271e85229aade8

Last affected

ac521b6caed3ee1a07a297e26ad07df9c8c14e13

Introduced

7f377d50e554d1672a549e19dc6c05dccbf8fb03

Last affected

acf6dcfe2cf0fef291c02d06030bc2e712cfc28f

Introduced

ec3120dc8c32494b9244c00595ecf75be930ee72

Last affected

e4fadfc9b121160dd393cf2f90d6a65a76b13b4c

Affected versions

1.*

1.4.0

1.4.1-2

1.4.10

1.4.11

1.4.13

1.4.15

1.4.16

1.4.17

1.4.18

1.4.19

1.4.2

1.4.20

1.4.21

1.4.22

1.4.23

1.4.24

1.4.25

1.4.26

1.4.27

1.4.28

1.4.29

1.4.3

1.4.30

1.4.31

1.4.32

1.4.33

1.4.34

1.4.35

1.4.36

1.4.37

1.4.38

1.4.39

1.4.4

1.4.40

1.4.41

1.4.42

1.4.5

1.4.8

1.4.8--rc2

1.4.8-rc1

1.4.9

1.4.9-3

1.5.0

1.5.1

1.5.10

1.5.11

1.5.12

1.5.13

1.5.14

1.5.15

1.5.16

1.5.17

1.5.18

1.5.19

1.5.2

1.5.20

1.5.21

1.5.22

1.5.23

1.5.24

1.5.25

1.5.26

1.5.27

1.5.28

1.5.29

1.5.3

1.5.30

1.5.4

1.5.5

1.5.6

1.5.7

1.5.8

1.5.9

1.6.0

1.6.1

1.6.10

1.6.11

1.6.12

1.6.13

1.6.14

1.6.15

1.6.16

1.6.17

1.6.18

1.6.19

1.6.2

1.6.20

1.6.21

1.6.22

1.6.23

1.6.24

1.6.25

1.6.26

1.6.27

1.6.28

1.6.29

1.6.3

1.6.30

1.6.31

1.6.32

1.6.33

1.6.4

1.6.5

1.6.6

1.6.7

1.6.8

1.6.9

1.7.0

1.7.1

1.7.10

1.7.11

1.7.12

1.7.13

1.7.14

1.7.15

1.7.16

1.7.17

1.7.18

1.7.19

1.7.2

1.7.20

1.7.21

1.7.22

1.7.23

1.7.24

1.7.25

1.7.26

1.7.27

1.7.28

1.7.29

1.7.3

1.7.30

1.7.31

1.7.32

1.7.4

1.7.5

1.7.6

1.7.7

1.7.8

1.7.9

1.8.0

1.8.1

1.8.10

1.8.11

1.8.12

1.8.13

1.8.14

1.8.15

1.8.16

1.8.17

1.8.2

1.8.3

1.8.4

1.8.5

1.8.6

1.8.7

1.8.8

1.8.9