FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 06:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1257718e-be97-458a-9744-d938b592db42	node -- access to unintended files node developers report: Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules. Discovery 2017-09-27 Entry 2017-10-10 node ge 8.5.0 lt 8.6.0 http://www.securityfocus.com/bid/101056 CVE-2017-14849

VuXML ID

Description

1257718e-be97-458a-9744-d938b592db42

node -- access to unintended files

node developers report:

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules.

Discovery 2017-09-27
Entry 2017-10-10
node

ge 8.5.0 lt 8.6.0

http://www.securityfocus.com/bid/101056
CVE-2017-14849