2 matches found
CVE-2019-15596
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory...
CVE-2019-15596
statics-server (npm package) is affected by a path traversal vulnerability that arises from not properly limiting access to files outside the served directory when a symlink within the working directory is used. Exploitation allows reading arbitrary files on the server by requesting the symlink t...