25 matches found
CVE-2024-29180
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
CVE-2024-29180 webpack-dev-middleware Path Traversal vulnerability
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
CVE-2024-29180 webpack-dev-middleware Path Traversal vulnerability
Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can either work with the...
webpack-dev-middleware 安全漏洞
webpack-dev-middleware is an express style development middleware for webpack open source . Used for webpack bundles and allows to provide files emitted from webpack. A security vulnerability exists in webpack-dev-middleware versions prior to 7.1.0, 6.1.2, and 5.3.4, which stems from a path...
Denial Of Service (DoS)
webpack-dev-middleware is vulnerable to denial of service. A memory leak occurs when the function writeToDisk is used, causing the compile-time to keep increasing as the duplicates write to disk keep increasing, eventually leading to a denial of service condition...