Lucene search
K

5 matches found

CNVD
CNVD
added 2020/08/05 12:0 a.m.2 views

rollup-plugin-serve path traversal vulnerability

rollup-plugin-serve is a module bundler package for JavaScript. A security vulnerability exists in the readFile operation of the 'readFileFromContentBase' function in rollup-plugin-server, which stems from the program's failure to clean up paths. No details of the vulnerability are available at...

7.5CVSS6.9AI score0.01768EPSS
Exploits1References1
OSV
OSV
added 2020/07/29 6:7 p.m.12 views

GHSA-VR98-27QJ-3C8Q Directory traversal in rollup-plugin-server

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

7.5CVSS5.9AI score0.01768EPSS
Exploits1References2
CNVD
CNVD
added 2020/07/28 12:0 a.m.2 views

rollup-plugin-dev-server path traversal vulnerability

rollup-plugin-dev-server is a plugin summary package. A path traversal vulnerability exists in the readFile operation of the 'readFileFromContentBase' function in rollup-plugin-dev-server all versions, which stems from the program's failure to clean up paths, and can be exploited by an attacker t...

7.5CVSS7.1AI score0.01768EPSS
Exploits1References1
NVD
NVD
added 2020/07/25 9:15 a.m.28 views

CVE-2020-7686

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function...

7.5CVSS7.5AI score0.01768EPSS
Exploits1References1
Snyk
Snyk
added 2020/06/20 12:38 p.m.5 views

Directory Traversal

Overview rollup-plugin-dev-server is a server for serving rolled up bundles like webpack-dev-server. Affected versions of this package are vulnerable to Directory Traversal. There is no path sanitization in readFile operation inside the readFileFromContentBase function. PoC by JHU System Security...

7.5CVSS7.5AI score0.01768EPSS
Exploits1References2
Rows per page
Query Builder