VYPR

npm package

maildev

pkg:npm/maildev

Vulnerabilities (1)

  • CVE-2024-27448CriApr 5, 2024
    affected >= 2.0.0-beta1, <= 2.1.0

    MailDev 2 through 2.1.0 allows Remote Code Execution via a crafted Content-ID header for an e-mail attachment, leading to lib/mailserver.js writing arbitrary code into the routes.js file.