npm package
localhost-now
pkg:npm/localhost-now
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-5416 | — | <= 1.0.2 | — | Mar 17, 2019 | A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server. | ||
| CVE-2018-3729 | Hig | 7.5 | < 1.0.2 | 1.0.2 | Jun 7, 2018 | localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. |
- CVE-2019-5416Mar 17, 2019affected <= 1.0.2
A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server.
- affected < 1.0.2fixed 1.0.2
localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.