Medium severity5.5NVD Advisory· Published Dec 25, 2022· Updated Jun 17, 2026
CVE-2020-36629
CVE-2020-36629
Description
A vulnerability classified as critical was found in SimbCo httpster. This vulnerability affects the function fs.realpathSync of the file src/server.coffee. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. The name of the patch is d3055b3e30b40b65d30c5a06d6e053dffa7f35d0. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216748.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
httpsternpm | < 1.1.0 | 1.1.0 |
Affected products
2Patches
Vulnerability mechanics
References
5- github.com/SimbCo/httpster/commit/d3055b3e30b40b65d30c5a06d6e053dffa7f35d0nvdPatchThird Party AdvisoryWEB
- github.com/SimbCo/httpster/pull/36nvdExploitPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-p8j8-wxvp-h695ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-36629ghsaADVISORY
- vuldb.comnvdThird Party AdvisoryWEB
News mentions
0No linked articles in our index yet.