2 matches found
CVE-2018-3725
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path...
CVE-2018-3725
CVE-2018-3725 describes a path-traversal vulnerability in the Node.js module hekto . The issue arises from inadequate validation of the requested file path, allowing a remote attacker to read arbitrary files on a server running hekto (e.g., via crafted URLs with traversal sequences). Several conn...