2 matches found
muleify (>=2.5.7 <=4.0.5), oxe-cli (>=1.1.0 <=1.1.3) potentially affected by CVE-2020-8214 via servey (>=1.0.3 <=2.2.0)
servey NPM version =1.0.3, =2.5.7, =1.1.0, =1.1.3 Source cves: CVE-2020-8214 Source advisory: OSV:GHSA-V3PX-6CC8-F8J3...
CVE-2020-8214
CVE-2020-8214 affects the Node.js module servey (older than 3.3.2). The vulnerability is a directory traversal flaw in the server that serves static content, allowing an attacker to read arbitrary files by crafting URLs with ../../ traversal. Public material shows proof-of-concept behavior such a...