npm package
http-live-simulator
pkg:npm/http-live-simulator
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5423 | Hig | 7.5 | < 1.0.6 | 1.0.6 | Apr 3, 2019 | Path traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker. | |
| CVE-2018-16479 | Hig | 7.5 | < 1.0.7 | 1.0.7 | Feb 1, 2019 | Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL. |
- affected < 1.0.6fixed 1.0.6
Path traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker.
- affected < 1.0.7fixed 1.0.7
Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.