npm package
hekto
pkg:npm/hekto
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-3725 | Hig | 7.5 | < 0.2.3 | 0.2.3 | Jun 7, 2018 | hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | |
| CVE-2018-3743 | Med | 6.1 | < 0.2.4 | 0.2.4 | Jun 1, 2018 | Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server. |
- affected < 0.2.3fixed 0.2.3
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
- affected < 0.2.4fixed 0.2.4
Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server.