193 matches found
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via improper validation in the sanitizePath function. An attacker can access or modify files outside the intended directory boundary by crafting paths that bypass prefix-based checks. Details A Directory Traversal...
Directory Traversal
Overview @fastify/static is a Plugin for serving static files as fast as possible. Affected versions of this package are vulnerable to Directory Traversal via the dirList.path function when directory listing is enabled. An attacker can access directory listings outside the configured static root ...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the fixture process. An attacker can access or overwrite arbitrary files by supplying specially crafted input containing path traversal sequences. Details A Directory Traversal attack also known as path traversal...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal through a discrepancy in path normalization between protocol handlers and internal routing. An attacker can bypass folder-level permissions or escape the boundaries of a configured virtual folder by crafting specific...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal in the resolveURI function while performing directory validation when the configuration value livy.file.local-dir-whitelist is set to a non-default value. An attacker can gain unauthorized access to arbitrary...
PT-2026-23096
Name of the Vulnerable Software and Affected Versions @hono/node-server versions prior to 1.19.10 Description @hono/node-server allows running the Hono application on Node.js. When using static file serving with route-based middleware protections, inconsistent URL decoding can allow protected...
Directory Traversal
Overview basic-ftp is a FTP client for Node.js, supports FTPS over TLS, IPv6, Async/Await, and Typescript. Affected versions of this package are vulnerable to Directory Traversal in the downloadToDir method. A malicious FTP server can overwrite or create files outside the intended directory...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the TkFiles function. An attacker can access files outside the intended directory by submitting specially crafted HTTP request paths containing directory traversal sequences. Details A Directory Traversal attack...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via crafted symbolic links in the repository. An attacker can access sensitive files on the server filesystem by creating and referencing symbolic links that point to arbitrary locations. Details A Directory Traversa...
EUVD-2020-1224
Malware in sbrugna...
EUVD-2020-1220
Malware in sbrugna...
EUVD-2018-0285
Malware in sbrugna...
EUVD-2020-1003
Malware in sbrugna...
EUVD-2020-0913
Malware in sbrugna...
EUVD-2018-0348
Malware in sbrugna...
EUVD-2018-0255
Malware in sbrugna...
EUVD-2020-0631
Malware in sbrugna...
EUVD-2020-1385
Malware in sbrugna...
EUVD-2020-1334
Malware in sbrugna...
EUVD-2020-1157
Malware in sbrugna...