EUVD-2022-7270

Malicious code in bioql PyPI...

Directory Traversal

static-dev-server is vulnerable to directory traversal. The vulnerability is due when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory which allows an attacker to gain access to the restricted file directories and perfo...

static-dev-server directory traversal vulnerability

static-dev-server is a simple http server for serving static resource files from a local directory and automatically reloading them when they change. A directory traversal vulnerability exists in all versions of npm static-dev-server, which stems from a lack of validity checking of paths when...

GHSA-7FXM-C848-89Q8 static-dev-server vulnerable to path traversal

A path traversal vulnerability affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory. There is currently no known workaround or fix for this issue...

CVE-2022-25848

This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory...

CVE-2022-25848

This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory...

Directory traversal

This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory...

CVE-2022-25848 Directory Traversal

This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory...

CVE-2022-25848 Directory Traversal

This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory...

CVE-2022-25848

CVE-2022-25848 affects all versions of the npm package static-dev-server. The root cause is a directory traversal vulnerability caused by how paths from users to the root directory are joined, causing assets to be resolved relative to the root. This can enable access to arbitrary files on the und...

static-dev-server 路径遍历漏洞

static-dev-server is a simple http server for serving static resource files from a local directory and automatically reloading them when they change. A directory traversal vulnerability exists in all versions of npm static-dev-server, which stems from a lack of validity checking of paths when...

PT-2022-17565 · Unknown · Static-Dev-Server

Name of the Vulnerable Software and Affected Versions: static-dev-server versions all Description: A path traversal issue affects the package. This occurs because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory...

Directory Traversal

Overview static-dev-server is an A simple http server to serve static resource files from a local directory and auto reload when file change. Affected versions of this package are vulnerable to Directory Traversal. This is because when paths from users to the root directory are joined, the assets...