Lucene search
Veracode Vulnerability DatabaseVERACODE:38563HistoryDec 22, 2022 - 6:56 a.m.
Path Traversal
2022-12-2206:56:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
lite-dev-server
path traversal
vulnerability
server.js
dot-dot-slash sequences
arbitrary files.
0.001 Low
EPSS
Percentile
50.9%
lite-dev-server is vulnerable to path traversal. The vulnerability exists in server.js because it aims to access files and directories that are stored outside the intended folder. By manipulating files with dot-dot-slash (../) sequences and its variations it may be possible to access arbitrary files and directories stored on the file system.
| CPE | Name | Operator | Version |
|---|---|---|---|
| lite-dev-server | le | 3.2.7 | |
| lite-dev-server | le | 3.2.7 |
Related
cve
cve
CVE-2022-25895
2022-12-21 05:15:11
cvelist
cvelist
CVE-2022-25895 Directory Traversal
2022-12-21 00:00:00
prion
prion
Directory traversal
2022-12-21 05:15:00
nvd
nvd
CVE-2022-25895
2022-12-21 05:15:11
osv
osv
lite-dev-server vulnerable to Directory Traversal
2022-12-21 06:30:29
github
github
lite-dev-server vulnerable to Directory Traversal
2022-12-21 06:30:29