Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Directory Traversal
Vulnerability Description
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
N/A
Vulnerability Title
static-dev-server 路径遍历漏洞
Vulnerability Description
npm static-dev-server是美国npm公司的一个简单的 http 服务器。用于从本地目录提供静态资源文件并进行监视。 static-dev-server存在安全漏洞,该漏洞源于在连接用户到根目录的路径时,所访问路径的资产是相对于根目录的。
CVSS Information
N/A
Vulnerability Type
N/A