CVE-2019-14537
First published: Wed Aug 07 2019(Updated: )
YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yourls Yourls | <=1.7.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-14537?
CVE-2019-14537 is a type juggling vulnerability in the YOURLS through 1.7.3 API component that can result in login bypass.
How severe is CVE-2019-14537?
CVE-2019-14537 has a severity score of 9.8, which is considered critical.
What software versions are affected by CVE-2019-14537?
YOURLS versions up to and including 1.7.3 are affected by CVE-2019-14537.
How can I fix CVE-2019-14537?
To fix CVE-2019-14537, you should update YOURLS to a version higher than 1.7.3.
Where can I find more information about CVE-2019-14537?
You can find more information about CVE-2019-14537 on the following references: [GitHub](https://github.com/Wocanilo/CVE-2019-14537), [YOURLS Commits](https://github.com/YOURLS/YOURLS/commits/master), [YOURLS Pull Request](https://github.com/YOURLS/YOURLS/pull/2542).
- collector/nvd-index
- agent/references
- agent/severity
- agent/type
- agent/author
- agent/weakness
- agent/description
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/yourls
- canonical/yourls yourls
- version/yourls yourls/1.7.3