0.002 Low
EPSS
Percentile
55.6%
node-srv is vulnerable to directory traversal attacks. The vulnerability exists due to the lack of sanitization when handling file paths, allowing the ../ payload to be interpreted and reading files out of the server’s scope.
../
github.com/nim579/node-srv/commit/15be996c0520ac6e4dee0cf0808fc7e72effd2a2
github.com/nim579/node-srv/issues/28
hackerone.com/bl4de
hackerone.com/reports/309124