7 matches found
EUVD-2022-7760
Malicious code in bioql PyPI...
Directory Traversal
easy-static-server is vulnerable to directory traversal. The vulnerability exists in the easyServer function of index.js due to missing input sanitization which allows an attacker to access files and directories that are stored outside the intended folder via req.url...
CVE-2022-25931
CVE-2022-25931 affects all versions of the npm package easy-static-server. The root cause is missing input sanitization and the use of sandboxes around req.url in the easyServer function (index.js), enabling a Directory Traversal attack to access files/directories outside the intended folder. Doc...
CVE-2022-25931 Directory Traversal
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code...
easy-static-server vulnerable to Directory Traversal
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code...
GHSA-WCWM-C3MR-PXCR easy-static-server vulnerable to Directory Traversal
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code...
CVE-2022-25931
All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code...