High severity7.5NVD Advisory· Published May 29, 2018· Updated Jun 17, 2026
CVE-2018-3733
CVE-2018-3733
Description
crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
crud-file-servernpm | < 0.9.0 | 0.9.0 |
Affected products
2- Range: Versions before 0.9.0
Patches
Vulnerability mechanics
References
5- github.com/omphalos/crud-file-server/commit/4fc3b404f718abb789f4ce4272c39c7a138c7a82nvdPatchThird Party AdvisoryWEB
- hackerone.com/reports/310690nvdExploitIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-vfp9-gwrh-wq9gghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-3733ghsaADVISORY
- www.npmjs.com/advisories/1003ghsaWEB
News mentions
0No linked articles in our index yet.