CVE-2021-42072

An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption.

References

Affected packages

Git / github.com/debauchee/barrier

Affected ranges

Type

GIT

Repo

https://github.com/debauchee/barrier

Events

Introduced

Fixed

3e0d758b59e44e6bb8b5e13cf96c824be44207ac

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.4.0"
        }
    ]
}

Affected versions

1.*

1.6.0

1.6.1

1.6.2

1.6.3-final

1.7.0

v1.*

v1.7.1-stable

v1.7.2-stable

v1.7.3-stable

v1.8.0-beta

v1.8.1-stable

v1.8.3-stable

v1.8.4-stable

v1.8.5-stable

v1.8.6-stable

v1.8.7-stable

v1.8.8-stable

v2.*

v2.0.0

v2.0.0-RC1

v2.0.0-RC2

v2.1.0

v2.1.1

v2.1.2

v2.3.0

v2.3.1

v2.3.2

v2.3.3

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "34"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "35"
            }
        ]
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-42072.json"