EUVD-2023-1627

Malicious code in bioql PyPI...

CVE-2023-26126

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function...

Path Traversal

m.static is vulnerable to Path Traversal. The vulnerability exists due to the improper path sanitization in the requestFile parameter in the requestListener function of index.js, which allows an attacker to access files outside the expected directory through relative paths...

GHSA-VCXH-QVGR-9FW9 m.static Directory Traversal vulnerability

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function...

m.static Directory Traversal vulnerability

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function...

CVE-2023-26126

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function...

CVE-2023-26126

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function...

CVE-2023-26126

CVE-2023-26126 concerns the npm package m.static , where all versions are vulnerable to a Directory Traversal due to improper input sanitization in the requestFile function. The published descriptions consistently state that path inputs can escape the intended directory, enabling access to arbitr...

m.static 路径遍历漏洞

npm m.static is a lightweight static file server for node.js written in es6+ from the US company npm. A security vulnerability exists in m.static that stems from incorrect input cleanup of paths requested via the requestFile function...