CVE-2020-7646
N/A
N/A
Summary
curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | curlrequest | All versions including 1.0.1 | affected |
Weaknesses
- Arbitrary File Read
ADP Enrichment
CVE Program Container
Additional References
- https://snyk.io/vuln/SNYK-JS-CURLREQUEST-568274
- https://github.com/node-js-libs/curlrequest/blob/master/index.js#L239%2C
References
- https://snyk.io/vuln/SNYK-JS-CURLREQUEST-568274
- https://github.com/node-js-libs/curlrequest/blob/master/index.js#L239%2C
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.