Lucene search
K

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 7:1 a.m.28 views

Security Bulletin: Security vulnerabilities in Node.js modules affect IBM Business Process Manager (BPM) Configuration Editor (CVE-2014-6394, CVE-2014-7191)

Summary Security vulnerabilities have been reported for some dependent Node.js modules. IBM Business Process Manager includes a stand-alone tool for editing configuration properties files that is based on open source Node.js technology. Vulnerability Details CVE-ID: CVE-2014-6394 Description:...

7.5CVSS0.3AI score0.08309EPSS
Exploits1Affected Software3
OSV
OSV
added 2014/10/08 5:55 p.m.8 views

CVE-2014-6394

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory...

6.3AI score
Exploits0References15
Cvelist
Cvelist
added 2014/10/08 5:0 p.m.21 views

CVE-2014-6394

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory...

6.2AI score0.04257EPSS
Exploits1References15
CVE
CVE
added 2014/10/08 5:0 p.m.76 views

CVE-2014-6394

The CVE-2014-6394 entry concerns visionmedia send before 0.8.4 for Node.js. The vulnerability arises from a partial directory-root verification, which can allow a remote attacker to escape the intended restricted directory and access files such as those under a public-restricted path (e.g., publi...

7.5CVSS6.3AI score0.04257EPSS
Exploits1References15Affected Software1
Debian CVE
Debian CVE
added 2014/10/08 5:0 p.m.26 views

CVE-2014-6394

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory...

7.5CVSS4.6AI score0.04257EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/10/07 12:0 a.m.25 views

Fedora Update for nodejs-send FEDORA-2014-11495

Check the version of nodejs-send SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868362";...

7.5CVSS6.4AI score0.04257EPSS
Exploits1References2
Rows per page
Query Builder