Lucene search
+L

4 matches found

OSV
OSV
added 2025/09/30 11:37 a.m.5 views

UBUNTU-CVE-2025-11149

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

7.5CVSS5.8AI score0.00489EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/09/30 5:0 a.m.2 views

CVE-2025-11149

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

7.5CVSS6.5AI score0.00489EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/09/30 12:0 a.m.2 views

CVE-2025-11149

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

7.5CVSS5.9AI score0.00489EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/09/22 6:22 p.m.5 views

40au-isteven-angular-multiselect (=4.0.0), @abcd19/st-grid (=3.1.0) +723 more potentially affected by CVE-2025-11149 via node-static (>=0.5.6 <=0.7.11)

node-static NPM version =0.5.6, =1.0.5, =0.0.5, =0.0.1, =0.0.1, =17.0.6 - @beadswap/lib =0.0.1 and more Source cves: CVE-2025-11149 Source advisory: OSV:GHSA-8R4G-CG4M-X23C...

7.5CVSS5.7AI score0.00489EPSS
Exploits0
Rows per page
Query Builder