CVE-2026-8274

A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function dodirectory of the file cramfsck.c of the component Directory Handler. Such manipulation leads to path traversal. The attack can only be performed from a local environment. The exploit has been...

cramfs-tools 路径遍历漏洞

cramfs-tools is a compression read-only file system tool developed by Nicolas Pitre. Versions of cramfs-tools 2.1 and earlier contained a path traversal vulnerability, which originated from a function in the Directory Handler component called dodirectory in the cramfsck.c file, which allowed for...

GHSA-G4XP-36C3-F7MR Hidden Directories Always Served in inert

Versions 1.1.1 and earlier of inert are vulnerable to an information leakage vulnerability which causes files in hidden directories to be served, even when showHidden is false. The inert directory handler always allows files in hidden directories to be served, even when showHidden is false...

inert node module inert directory handler information disclosure vulnerability

The inert node module is a static file and directory handler for hapi.js. inert directory handler is one of the directory insertion handlers. An information disclosure vulnerability exists in the inert directory handler in versions of the inert node module prior to 1.1.1. An attacker can exploit...

CVE-2014-10068

The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when showHidden is false...

Design/Logic Flaw

The inert directory handler in inert node module before 1.1.1 always allows files in hidden directories to be served, even when showHidden is false...

CVE-2014-10068

The CVE-2014-10068 issue affects the inert Node.js module (inert) prior to 1.1.1, where the inert directory handler can serve files from hidden directories even when showHidden is false. Affected versions are 1.1.0 and earlier. The root cause is an information-disclosure vulnerability in the dire...