Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:3965
HistoryApr 25, 2017 - 2:58 a.m.

Path Traversal

2017-04-2502:58:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2

0.007 Low

EPSS

Percentile

80.7%

list-n-stream is vulnerable to path traversal attacks. The vulnerability is possible because it fails to sanitize the URL request and prevent access to sensitive files and data on the server. Attackers can leak passwords if they request the /api/v1/fs/..%2f..%2fetc/passwd URL.

CPENameOperatorVersion
list-n-streamle0.0.10

0.007 Low

EPSS

Percentile

80.7%