hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
References
Link | Resource |
---|---|
https://hackerone.com/reports/311218 | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-06-06 19:29
Updated : 2023-01-30 08:52
NVD link : CVE-2018-3725
Mitre link : CVE-2018-3725
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
hekto_project
- hekto