Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-4647

[CVE-2018-11798] Node.js Fileserver webroot path

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 0.9.2
    • 0.12.0
    • Node.js - Library

    Description

      Node.js fileserver allows for escaping the set file path 

      https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-11798

      Attachments

        Activity

          People

            jfarrell Jake Farrell
            jfarrell Jake Farrell
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: