3 matches found
h-include (=1.0.0), hinclude (>=1.0.1 <=1.1.0) +3 more potentially affected by CVE-2018-3787 via simplehttpserver (>=0.0.6 <=0.1.1)
simplehttpserver NPM version =0.0.6, =1.0.1, =0.0.1, =0.0.2 Source cves: CVE-2018-3787 Source advisory: OSV:GHSA-GPVJ-Q7FP-JCCH...
CVE-2018-3787
Path traversal in simplehttpserver v0.2.1 allows listing any file on the server...
CVE-2018-3787
The CVE-2018-3787 vulnerability affects the Python-based simplehttpserver project. Affected versions are prior to 0.2.1, where the server concatenates the requested URL path to the web root, enabling path traversal and the listing of arbitrary server files. Impact described across multiple source...