CVE-2018-3732

resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path...

PT-2018-16156 · Node · Resolve-Path

Name of the Vulnerable Software and Affected Versions: resolve-path versions prior to 1.4.0 Description: The issue arises from a lack of validation of paths containing certain special characters in the resolve-path node module, allowing a malicious user to read the content of any file with a know...