CVE-2023-26111

All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith method in the servePath function...

CVE-2023-26111

All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith method in the servePath function...

Directory traversal

All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith method in the servePath function...

CVE-2023-26111

All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith method in the servePath function...

PT-2023-20498 · Unknown · Node-Static

Name of the Vulnerable Software and Affected Versions: @node-static versions all node-static versions all Description: The issue arises from improper file path sanitization in the startsWith method within the servePath function, leading to Directory Traversal. This allows attackers to access file...

node-static 路径遍历漏洞

node-static is an rfc 2616 compliant HTTP static file server module with built-in caching. A security vulnerability exists in node-static due to improper file path cleanup in the startsWith method of the servePath function...