Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-6394

Опубликовано: 08 окт. 2014
Источник: debian
EPSS Низкий

Описание

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
node-sendfixed0.9.4-1package

Примечания

  • https://nodesecurity.io/advisories/send-directory-traversal

EPSS

Процентиль: 89%
0.04842
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-6394

ubuntu
около 11 лет назад

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.

redhat логотип

CVE-2014-6394

redhat
около 11 лет назад

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.

nvd логотип

CVE-2014-6394

nvd
около 11 лет назад

visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.

github логотип

GHSA-xwg4-93c6-3h42

github
около 8 лет назад

Directory Traversal in send

EPSS

Процентиль: 89%
0.04842
Низкий