0.282 Low
EPSS
Percentile
96.9%
node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
hue/assets/..%2F
res.sendFile
github.com/Foddy/node-red-contrib-huemagic
github.com/Foddy/node-red-contrib-huemagic/issues/217
nvd.nist.gov/vuln/detail/CVE-2021-25864