VYPR

npm package

node-red-contrib-huemagic

pkg:npm/node-red-contrib-huemagic

Vulnerabilities (1)

  • CVE-2021-25864HigJan 26, 2021
    affected <= 3.0.0

    node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.