CVE-2020-24025

Published January 11th, 2021

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.

sass/node-sass

:rainbow: Node.js bindings to libsass

GitHub

8.46K