CVE-2018-3712
N/A
N/A
Summary
serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HackerOne | serve node module | Versions before 6.4.9 | affected |
Weaknesses
- CWE-22: Path Traversal (CWE-22)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.