15 matches found
EUVD-2021-1965
Malware in sbrugna...
CVE-2019-5444
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder...
GHSA-4448-RC82-FCR7 Path Traversal in serve-here.js
Versions of serve-here.js prior to 1.2.0 are vulnerable to path traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths...
Path Traversal in serve-here.js
Versions of serve-here.js prior to 1.2.0 are vulnerable to path traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths...
Serve-here.js path traversal vulnerability
serve-here.js is an HTTP static file server. A path traversal vulnerability in serve-here.js v1.1.3 and prior versions, which arises from a failure of a networked system or product to properly filter for special elements in the path of a resource or file, can be exploited by an attacker to access...
CVE-2019-5444
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder...
Path traversal
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder...
CVE-2019-5444
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder...
CVE-2019-5444
CVE-2019-5444 refers to a path traversal vulnerability in the npm module serve-here.js prior to version 1.2.0 (reported with version 1.1.3). The issue arises because the package does not sanitize URL paths, allowing an attacker to access files outside the served folder by using relative paths (e....
PT-2019-17673 · Unknown · Serve-Here.Js
Name of the Vulnerable Software and Affected Versions: serve-here.js versions prior to 1.2.0 Description: The issue allows attackers to list any file in an arbitrary folder due to a path traversal vulnerability. This is caused by the package's failure to sanitize URLs, enabling attackers to acces...
GHSA-G8M7-QHV7-9H5X Path Traversal in serve-here.js
Versions of serve-here.js prior to 1.2.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 1.2.0 or later...
Path Traversal in serve-here.js
Versions of serve-here.js prior to 1.2.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 1.2.0 or later...
Directory Traversal
serve-here.js is vulnerable to directory traversal. The attack is possible as it allows adding ../ to the web root, listing any file in another folder of web root...
Path Traversal
Overview Versions of serve-here.js prior to 1.2.0 are vulnerable to Path Traversal. The package fails to sanitize URLs, allowing attackers to access server files outside of the served folder using relative paths. Recommendation Upgrade to version 1.2.0 or later. References - HackerOne Report...
Node.js third-party modules: [serve-here.js] List any file in the folder by using path traversal.
I would like to report Path Traversal in serve-here.js. It allows to list any file in another folder of web root. Module module name: serve-here.js version: 1.1.3 npm page: https://www.npmjs.com/package/serve-here.js Module Description Serve static files over HTTP Vulnerability Vulnerability...