Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nodejsVulzzzNODEJS:744
HistoryDec 07, 2018 - 8:07 p.m.

Path Traversal

2018-12-0720:07:40
vulzzz
www.npmjs.com
420

EPSS

0.001

Percentile

40.6%

JSON

Overview

All versions of simplehttpserver are vulnerable to Path Traversal.

This vulnerability allows an attacker to access files outside the webroot since it allows symlink navigation in the URL.

Recommendation

No fix is currently available. Do not use simplehttpserver in production or consider using an alternative module until a fix is made available.

References

Related

prion 1
github 1
osv 1
cve 1
veracode 1
cvelist 1
hackerone 1
nvd 1
prion
prion
Path traversal
2018-12-04 14:29:00
github
github
Path Traversal in simplehttpserver
2018-12-06 15:49:10
osv
osv
Path Traversal in simplehttpserver
2018-12-06 15:49:10
cve
cve
CVE-2018-16478
2018-12-04 14:29:00
veracode
veracode
Information Disclosure
2018-12-03 05:24:29
cvelist
cvelist
CVE-2018-16478
2018-12-04 14:00:00
hackerone
hackerone
Node.js third-party modules: List any file in the folder by using path traversal
2018-09-01 03:35:12
nvd
nvd
CVE-2018-16478
2018-12-04 14:29:00

EPSS

0.001

Percentile

40.6%

JSON
Related for NODEJS:744
prion1github1osv1cve1veracode1cvelist1hackerone1nvd1