What is CVE-2020-8910?

CVE-2020-8910 is a medium-severity vulnerability in Google Closure-library, classified under CWE-625. CVSS score: 6.5/10. Published 2020-03-26.

How severe is CVE-2020-8910?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Vulnerability in Google Closure-library

CVE-2020-8910

A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224 allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. Mitigation: update your library to v…

EPSS: 0.001 (31.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N.

Affected products

Google Closure-library — versions v20200224

Weakness classification (CWE)

CWE-625

References

github.com/google/closure-library/commit/294fc00b01d248419d8f8de37580adf2a0024f… (x_refsource_CONFIRM)
github.com/google/closure-library/releases/tag/v20200315 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-8910?: CVE-2020-8910 is a medium-severity vulnerability in Google Closure-library, classified under CWE-625. CVSS score: 6.5/10. Published 2020-03-26.
How severe is CVE-2020-8910?: Medium severity. CVSS v3 base score is 6.5 out of 10.