EUVD-2021-1234

Malware in sbrugna...

Path Traversal in marked-tree

This affects all versions up to and including version 0.8.1 of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...

GHSA-XR8H-53XR-JHCM Path Traversal in marked-tree

This affects all versions up to and including version 0.8.1 of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...

Path Traversal in marscode

This affects all versionsup to and including version 1.0.1-0 of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js...

GHSA-8PWW-PP5R-RFF8 Path Traversal in marscode

This affects all versionsup to and including version 1.0.1-0 of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js...

marscode path traversal vulnerability

marscode is a file editor for reading, writing, editing and deleting CRUD files. A path traversal vulnerability exists in fs.readFile in the index.js file in marscode all versions, which stems from the program's failure to clean up paths and can be exploited by an attacker to gain unauthorized...

Directory Traversal

fast-http is vulnerable to directory traversal. Lack of path sanitization in the fs.readfile function in index.js allows an attacker to access arbitrary files outside of the web root...

CVE-2020-7682

This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...

CVE-2020-7681

This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js...

CVE-2020-7687

CVE-2020-7687 affects all versions of the npm package fast-http . The root cause is lack of path sanitization in the path provided to fs.readFile in index.js, enabling a directory traversal vulnerability. Multiple sources (NVD/NVD entry, GitHub advisory GHSA-7PHR-5M9X-RW9Q, OSV, CVE records, Vera...

CVE-2020-7687 Directory Traversal

This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js...

CVE-2020-7681

CVE-2020-7681: Directory traversal in marscode due to lack of path sanitization in the file path used by fs.readFile in index.js. Affected: all versions of marscode. The vulnerability allows accessing files outside the intended directory; several sources (GHSA, CNVD, NVD, OSV, PRION, Snyk) confir...

CVE-2020-7682 Directory Traversal

This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...

CVE-2020-7682

CVE-2020-7682 concerns all versions of the npm package marked-tree, with no path sanitization in fs.readFile called from index.js. The connected Snyk entry confirms a Directory Traversal vulnerability that can read arbitrary files outside the web root and provides a PoC demonstrating traversal vi...