| Name | CVE-2021-20066 |
| Description | JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Disputed by upstream: https://github.com/jsdom/jsdom/issues/3124#issuecomment-783502951
https://www.tenable.com/security/research/tra-2021-05
https://github.com/jsdom/jsdom/issues/3124