Описание
Path Traversal in 626
All versions of 626 are vulnerable to path traversal. This enables a remote attacker to read arbitrary files from the remote server using this module.
Recommendation
No fix is currently available for this vulnerability. It is our recommendation to not install or use this module at this time.
Пакеты
Наименование
626
npm
Затронутые версииВерсия исправления
>= 0.0.0
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.