npm package
mcstatic
pkg:npm/mcstatic
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16482 | — | <= 0.0.20 | — | Feb 1, 2019 | A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path. | ||
| CVE-2018-3730 | Hig | 7.5 | <= 0.0.20 | — | Jun 7, 2018 | mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path. |
- CVE-2018-16482Feb 1, 2019affected <= 0.0.20
A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path.
- affected <= 0.0.20
mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.