Serverless Offline 8.0.0 returns a 403 HTTP status code for a route that has a trailing / character, which might cause a developer to implement incorrect access control, because the actual behavior within the Amazon AWS environment is a 200 HTTP status code (i.e., possibly greater than expected permissions).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-08-10T17:35:41

Updated: 2024-08-04T01:37:16.558Z

Reserved: 2021-08-10T00:00:00

Link: CVE-2021-38384

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-08-10T18:15:07.513

Modified: 2024-11-21T06:16:57.640

Link: CVE-2021-38384

cve-icon Redhat

No data.