12 matches found
EUVD-2019-0496
Malware in sbrugna...
CVE-2019-5437
Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are = 0.29.0 and no fix was applied to our knowledge...
CVE-2019-5438
Path traversal using symlink in npm harp module versions = 0.29.0...
CVE-2019-5438
Path traversal using symlink in npm harp module versions = 0.29.0...
Path traversal
Path traversal using symlink in npm harp module versions = 0.29.0...
CVE-2019-5437
Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are = 0.29.0 and no fix was applied to our knowledge...
Information disclosure
Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are = 0.29.0 and no fix was applied to our knowledge...
CVE-2019-5437
Summary: The CVE concerns the npm module harp (Node.js web server). Affected versions are
CVE-2019-5438
Summary: The CVE-2019-5438 issue affects the npm package harp, specifically versions ≤ 0.29.0, where an attacker can exploit a symlink-based path traversal to access files outside the project directory. This vulnerability allows serving sensitive files via the harp server when a symlink points to...
CVE-2019-5438
Path traversal using symlink in npm harp module versions = 0.29.0...
Node.js third-party modules: [harp] Path traversal using symlink
In reference to 453820 Module module name: harp version: 0.29.0 npm page: https://www.npmjs.com/package/harp Module Description zero-configuration web server with built in pre-processing Module Stats 2,679 downloads in the last week Vulnerability Path traversal using symlink. Vulnerability...
Node.js third-party modules: [harp] Unsafe rendering of Markdown files
I would like to report Cross Site Scripting vulnerablity in harp module It allows to execute arbitrary JavaScript due to unsafe rendering of markdown files. Similar to 404126 Module module name: harp version: 0.29.0 npm page: https://www.npmjs.com/package/harp Module Description zero-configuratio...