3 matches found
Directory Traversal
serve-handler is vulnerable to directory traversal. Attackers are able to access explicitly ignored folders using directory traversal characters ../ followed by the ignored folders. This vulnerability is a bypass of the fix for CVE-2018-3718...
CVE-2018-3718
serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded...
CVE-2018-3718
serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded...