2 matches found
CVE-2019-5423
CVE-2019-5423 concerns the http-live-simulator npm package (v1.0.5) with a path traversal vulnerability caused by insufficient input sanitization. The vulnerability allows a remote attacker to access arbitrary files on the server by manipulating the requested path. Multiple connected sources (Git...
CVE-2018-16479
CVE-2018-16479 affects the package http-live-simulator (versions before 1.0.7). The root cause is insufficient input sanitization in the pathname, allowing a path traversal attack by appending extra slashes after the URL, which can lead to unauthorized access to arbitrary files on disk. Public ad...