Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-4946-85pr-fvxh

GitHub Security Advisory

vantage6's CORS settings overly permissive

✓ GitHub Reviewed MODERATE Has CVE
View on GitHub

Advisory Details

### Impact
The vantage6 server has no restrictions on CORS settings. It should be possible for people to set the allowed origins of the server.

The impact is limited because v6 does not use session cookies

### Patches
No

### Workarounds
No

Affected Packages

PyPI vantage6
Affected versions: 0 (fixed in 4.3.0)

Related CVEs

CVE-2024-23823

Key Information

GHSA ID
GHSA-4946-85pr-fvxh
Published
March 15, 2024 4:42 PM
Last Modified
March 15, 2024 4:42 PM
CVSS Score
5.0 /10
Primary Ecosystem
PyPI
Primary Package
vantage6
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 13, 2025 6:28 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.