GHSA-23xp-j737-282v

Suggest an improvement
Source
https://github.com/advisories/GHSA-23xp-j737-282v
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/11/GHSA-23xp-j737-282v/GHSA-23xp-j737-282v.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-23xp-j737-282v
Aliases
  • CVE-2018-16473
Published
2018-11-06T23:12:30Z
Modified
2023-11-08T03:59:59.946072Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
Path Traversal in takeapeek
Details

All versions of takeapeek are vulnerable to path traversal exposing files and directories.

Recommendation

As no fix is currently available for this vulnerability is it is our recommendation to use another static file server.

Database specific 
{
    "cwe_ids": [
        "CWE-22"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T20:51:15Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
}
References

Affected packages

npm / takeapeek

Package

Name
takeapeek
View open source insights on deps.dev
Purl
pkg:npm/takeapeek

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
0.2.2

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/11/GHSA-23xp-j737-282v/GHSA-23xp-j737-282v.json"