Navigation Menu

Skip to content

Path Traversal in servey

Moderate severity GitHub Reviewed Published Jun 6, 2019 to the GitHub Advisory Database • Updated Jan 9, 2023

Package

npm servey (npm)

Affected versions

< 3.1.0

Patched versions

3.1.0

Description

Versions of servey prior to 3.x are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths.

Recommendation

Upgrade to the latest version

References

Reviewed Jun 6, 2019
Published to the GitHub Advisory Database Jun 6, 2019
Last updated Jan 9, 2023

Severity

Moderate

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-rv49-54qp-fw42

Source code

No known source code
Checking history
See something to contribute? Suggest improvements for this vulnerability.