Closure Library Google Closure Library

stack.watch can email you when security vulnerabilities are reported in Google Closure Library. You can add multiple products that you use with Closure Library to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Google Closure Library . Last year Closure Library had 1 security vulnerability published. Right now, Closure Library is on track to have less security vulnerabilities in 2021 than it did last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 1 6.50
2019 0 0.00
2018 0 0.00

It may take a day or so for new Closure Library vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Google Closure Library Security Vulnerabilities

A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224

CVE-2020-8910 6.5 - Medium - March 26, 2020

A URL parsing issue in goog.uri of the Google Closure Library versions up to and including v20200224 allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority. Mitigation: update your library to version v20200315.

CVE-2020-8910 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Improper Input Validation