This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.
References
Link | Resource |
---|---|
https://snyk.io/vuln/SNYK-JS-FASTHTTP-572892 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: snyk
Published: 2020-07-25T00:00:00
Updated: 2020-07-25T08:40:16
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7687
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-25T09:15:12.087
Modified: 2020-07-27T14:25:16.767
Link: CVE-2020-7687
JSON object: View
Redhat Information
No data.
CWE