Medium severity6.5NVD Advisory· Published Nov 2, 2020· Updated Jun 17, 2026
CVE-2020-7757
CVE-2020-7757
Description
This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droopy server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
droppynpm | <= 12.2.0 | — |
Affected products
1Patches
Vulnerability mechanics
References
4- snyk.io/vuln/SNYK-JS-DROPPY-1023656nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-grv5-w5vr-8h98ghsaADVISORY
- github.com/silverwind/droppy/blob/master/server/server.js%23L845nvdBroken LinkThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2020-7757ghsaADVISORY
News mentions
0No linked articles in our index yet.