GHSA-HQW4-8893-J4H7 Directory Traversal in simple-npm-registry

Affected versions of simple-npm-registry resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal in simple-npm-registry

Affected versions of simple-npm-registry resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the vulnerable system...

Directory Traversal

simple-npm-registry is vulnerable to directory traversal attacks. These attacks are possible by requesting a url such as /..%2f..%2fetc/passwd to get sensitive information...

CVE-2017-16132

simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16132

simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url...

CVE-2017-16132

CVE-2017-16132 concerns simple-npm-registry, a local npm package cache. Multiple connected sources confirm a directory traversal vulnerability in simple-npm-registry: an attacker can craft a URL containing relative path sequences (e.g., ../../) to access files outside the intended directory root....