RSS   Vulnerabilities for 'HARP'   RSS

2019-05-10
 
CVE-2019-5438

CWE-22
 

 
Path traversal using symlink in npm harp module versions <= 0.29.0.

 
 
CVE-2019-5437

CWE-200
 

 
Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge.

 


Copyright 2024, cxsecurity.com

 

Back to Top