CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 0.19.0 | 5 MEDIUM | — | ||
Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0. | ||||
| < 0.11.1 | 5.3 MEDIUM | 5 MEDIUM | ||
The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors. | ||||