Lucene search
K

Serve Path Traversal Vulnerability

🗓️ 22 Jun 2018 00:00:00Reported by China National Vulnerability DatabaseType 
cnvd
 cnvd
🔗 www.cnvd.org.cn👁 5 Views

Path traversal in serve before 6.4.9 allows viewing contents of any directory by bypassing %2e and %2f.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
CVE
CVE-2018-3712
7 Jun 201802:00
cve
Cvelist
CVE-2018-3712
7 Jun 201802:00
cvelist
EUVD
EUVD-2018-0308
7 Oct 202500:30
euvd
Github Security Blog
Directory Traversal in serve
27 Jul 201817:07
github
Hacker One
Node.js third-party modules: [serve] Directory index of arbitrary folder available due to lack of sanitization of %2e and %2f characters in url
21 Jan 201815:44
hackerone
Node.js
Directory Traversal
23 Jan 201816:55
nodejs
NVD
CVE-2018-3712
7 Jun 201802:29
nvd
OSV
GHSA-Q2QH-CGC2-QHR3 Directory Traversal in serve
27 Jul 201817:07
osv
Prion
Path traversal
7 Jun 201802:29
prion
Veracode
Directory Traversal
24 Jan 201808:46
veracode
Rows per page
Vulners

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

25 Jun 2018 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 24
CVSS 36.5
EPSS0.0179
5