4 matches found
CVE-2018-3712
serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e . and %2f / and allowing them in paths, which allows a malicious user to view the contents of any directory with known path...
CVE-2018-3712
serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e . and %2f / and allowing them in paths, which allows a malicious user to view the contents of any directory with known path...
CVE-2018-3712
serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e . and %2f / and allowing them in paths, which allows a malicious user to view the contents of any directory with known path...
CVE-2018-3712
CVE-2018-3712 affects the Node.js package named “serve” and its static file serving behavior. Versions prior to 6.4.9 fail to properly filter the characters %2e (.) and %2f (/), allowing them in paths and enabling a path-traversal that can list directory contents. The core impact described across...