Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the gettemplate function. An attacker can access arbitrary files readable by the process by supplying a specially crafted URI with a double-slash prefix, which bypasses path normalization checks. Note: This is...

CVE-2025-62427

The Angular SSR is a server-rise rendering tool for Angular applications. The vulnerability is a Server-Side Request Forgery SSRF flaw within the URL resolution mechanism of Angular's Server-Side Rendering package @angular/ssr before 19.2.18, 20.3.6, and 21.0.0-next.8. The function createRequestU...

CVE-2025-62427 Server-Side Request Forgery (SSRF) in Angular SSR

The Angular SSR is a server-rise rendering tool for Angular applications. The vulnerability is a Server-Side Request Forgery SSRF flaw within the URL resolution mechanism of Angular's Server-Side Rendering package @angular/ssr before 19.2.18, 20.3.6, and 21.0.0-next.8. The function createRequestU...

security flaw

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with 1 .. sequences or 2 absolute pathnames with double leading slashes "//absolute/path"...