8 matches found
EUVD-2021-1234
Malware in sbrugna...
Path Traversal in marked-tree
This affects all versions up to and including version 0.8.1 of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...
GHSA-XR8H-53XR-JHCM Path Traversal in marked-tree
This affects all versions up to and including version 0.8.1 of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...
Marked-tree path traversal vulnerability
Marked-tree is a Markdown viewer. A path traversal vulnerability exists in fs.readFile in the index.js file in marked-tree all versions, which stems from the program's failure to clean up paths, and can be exploited by an attacker to gain unauthorized access and overwrite or read arbitrary files...
Directory Traversal
marked-tree is vulnerable to directory traversal. Lack of sanitization of the file path allows an attacker to access arbitrary system files outside of the web root...
CVE-2020-7682
This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js...
CVE-2020-7682
CVE-2020-7682 concerns all versions of the npm package marked-tree, with no path sanitization in fs.readFile called from index.js. The connected Snyk entry confirms a Directory Traversal vulnerability that can read arbitrary files outside the web root and provides a PoC demonstrating traversal vi...
Directory Traversal
Overview marked-tree is a markdown viewer for viewing markdown within a development environment. Affected versions of this package are vulnerable to Directory Traversal. There is no path sanitization in the path provided at fs.readFile in index.js. PoC by JHU System Security Lab 1. Start the serv...