GHSA-899g-6q6w-7v94

Suggest an improvement
Source
https://github.com/advisories/GHSA-899g-6q6w-7v94
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/02/GHSA-899g-6q6w-7v94/GHSA-899g-6q6w-7v94.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-899g-6q6w-7v94
Aliases
  • CVE-2018-16485
Published
2019-02-18T23:58:00Z
Modified
2023-11-08T04:00:00.688922Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
m-server Vulnerable to Directory Traversal
Details

Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.

References

Affected packages

npm / m-server

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.1