Lucene search
Veracode Vulnerability DatabaseVERACODE:38510HistoryDec 16, 2022 - 4:02 a.m.
Directory Traversal
2022-12-1604:02:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
easywebpack-cli
vulnerability
template.js
directory traversal
sensitive information
get request
0.001 Low
EPSS
Percentile
41.3%
@easy-team/easywebpack-cli is vulnerable to directory traversal. The vulnerability exists in the downloadTemplate function in template.js due to a lack of hiding the file mode which allows an attacker to obtain sensitive information via malicious GET request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| @easy-team/easywebpack-cli | le | 4.5.1 | |
| @easy-team/easywebpack-cli | le | 4.5.1 |
Related
cvelist
cvelist
CVE-2020-24855
2022-12-15 00:00:00
osv
osv
CVE-2020-24855
2022-12-15 19:15:15
easywebpack-cli Path Traversal vulnerability
2022-12-15 21:30:28
nvd
nvd
CVE-2020-24855
2022-12-15 19:15:15
cve
cve
CVE-2020-24855
2022-12-15 19:15:15
github
github
easywebpack-cli Path Traversal vulnerability
2022-12-15 21:30:28
prion
prion
Directory traversal
2022-12-15 19:15:00