Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nodejsTungpunNODEJS:1010
HistoryJun 19, 2019 - 8:10 p.m.

Path Traversal

2019-06-1920:10:24
tungpun
www.npmjs.com
18

EPSS

0.006

Percentile

78.3%

JSON

Overview

Versions of serve prior to 7.0.1 are vulnerable to Path Traversal. Explicitly ignored folders can be accessed through if the path contains a /./, which allows attackers to access hidden folders and files.

Recommendation

Upgrade to version 7.0.1 or later.

References

Related

github 1
osv 2
prion 1
hackerone 1
veracode 1
cve 1
cvelist 1
nvd 1
github
github
Path Traversal in serve
2019-03-25 18:03:58
osv
osv
Path Traversal in serve
2019-03-25 18:03:58
CVE-2019-5415
2019-03-21 16:01:05
prion
prion
Design/Logic Flaw
2019-03-21 16:01:00
hackerone
hackerone
Node.js third-party modules: [serve] Directory listing and File access even when they have been set to be ignored (using dot-slash)
2018-03-28 10:35:21
veracode
veracode
Directory Traversal
2019-03-22 13:09:22
cve
cve
CVE-2019-5415
2019-03-21 16:01:05
cvelist
cvelist
CVE-2019-5415
2019-03-17 19:28:37
nvd
nvd
CVE-2019-5415
2019-03-21 16:01:05

EPSS

0.006

Percentile

78.3%

JSON
Related for NODEJS:1010
github1osv2prion1hackerone1veracode1cve1cvelist1nvd1