npm package
simplehttpserver
pkg:npm/simplehttpserver
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16478 | — | <= 0.3.0 | — | Dec 4, 2018 | A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root. | ||
| CVE-2018-3787 | — | < 0.2.1 | 0.2.1 | Aug 31, 2018 | Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server. | ||
| CVE-2018-3716 | — | < 0.1.0 | 0.1.0 | Jun 7, 2018 | simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. |
- CVE-2018-16478Dec 4, 2018affected <= 0.3.0
A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root.
- CVE-2018-3787Aug 31, 2018affected < 0.2.1fixed 0.2.1
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.
- CVE-2018-3716Jun 7, 2018affected < 0.1.0fixed 0.1.0
simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.