ByteOS Network

NVD Vulnerability Details :

CVE-2019-5444

Analyzed

Source-support@hackerone.com

Published At-10 Jul, 2019 | 20:15

Updated At-02 Dec, 2022 | 22:39

Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	5.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N

serve-here.js_project>>serve-here.js>>Versions up to 1.1.3(inclusive)

CWE ID	Type	Source
CWE-22	Primary	nvd@nist.gov
CWE-22	Secondary	support@hackerone.com

Hyperlink	Source	Resource
https://hackerone.com/reports/569966	support@hackerone.com	Exploit Patch Third Party Advisory