CVE-2019-5415
- EPSS 0.32%
- Veröffentlicht 21.03.2019 16:01:05
- Zuletzt bearbeitet 21.11.2024 04:44:53
A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to.
CVE-2019-5417
- EPSS 0.61%
- Veröffentlicht 21.03.2019 16:01:05
- Zuletzt bearbeitet 21.11.2024 04:44:53
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.
CVE-2018-3718
- EPSS 0.24%
- Veröffentlicht 07.06.2018 02:29:08
- Zuletzt bearbeitet 21.11.2024 04:05:56
serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.
CVE-2018-3712
- EPSS 0.71%
- Veröffentlicht 07.06.2018 02:29:07
- Zuletzt bearbeitet 21.11.2024 04:05:55
serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path.
CVE-2018-3809
- EPSS 0.22%
- Veröffentlicht 01.06.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:06:04
Information exposure through directory listings in serve 6.5.3 allows directory listing and file access even when they have been set to be ignored.