Lucene search
Toannc123NODEJS:1019HistoryJun 24, 2019 - 3:23 p.m.
Path Traversal
2019-06-2415:23:24
toannc123
www.npmjs.com
10
EPSS
0.001
Percentile
48.3%
Overview
Versions of serve-here.js prior to 1.2.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths.
Recommendation
Upgrade to version 1.2.0 or later.
References
Related
veracode
veracode
Directory Traversal
2019-06-25 07:01:04
osv
osv
Path Traversal in serve-here.js
2021-09-22 18:40:57
hackerone
hackerone
cvelist
cvelist
CVE-2019-5444
2019-07-10 19:43:03
cve
cve
CVE-2019-5444
2019-07-10 20:15:12
github
github
Path Traversal in serve-here.js
2021-09-22 18:40:57
githubexploit
githubexploit
Exploit for Path Traversal in Serve-Here.Js Project Serve-Here.Js
2020-12-01 09:18:58
prion
prion
Path traversal
2019-07-10 20:15:00
nvd
nvd
CVE-2019-5444
2019-07-10 20:15:12