VYPR

npm package

localhost-now

pkg:npm/localhost-now

Vulnerabilities (2)

  • CVE-2019-5416Mar 17, 2019
    affected <= 1.0.2

    A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server.

  • CVE-2018-3729HigJun 7, 2018
    affected < 1.0.2fixed 1.0.2

    localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.