Candidate: CVE-2020-7739
PublicDate: 2020-10-06 15:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7739
 https://github.com/areverberi/phantomjs-seo/blob/083f66892f97d67031668decb917389ffc32a94c/index.js%23L17
 https://snyk.io/vuln/SNYK-JS-PHANTOMJSSEO-609638
Description:
 This affects all versions of package phantomjs-seo. It is possible for an
 attacker to craft a url that will be passed to a PhantomJS instance
 allowing for an SSRF attack.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N [8.2 HIGH]


Patches_phantomjs:
upstream_phantomjs: needs-triage
precise/esm_phantomjs: DNE
trusty_phantomjs: ignored (out of standard support)
trusty/esm_phantomjs: DNE
xenial_phantomjs: ignored (end of standard support, was needs-triage)
bionic_phantomjs: needs-triage
focal_phantomjs: needs-triage
groovy_phantomjs: DNE
hirsute_phantomjs: DNE
impish_phantomjs: DNE
jammy_phantomjs: DNE
devel_phantomjs: DNE