Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-26111

All versions of the package @nubosoftware/node-static; all versions of the package node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function.

CVE
Open in Source

Related news

GHSA-5g97-whc9-8g7j: node-static and @nubosoftware/node-static vulnerable to Directory Traversal

node-static and the fork @nubosoftware/node-static are vulnerable to Directory Traversal due to improper file path sanitization in the startsWith() method in the servePath function.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE