Releases0

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 0.19.05 MEDIUM

Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0.

< 0.11.15.3 MEDIUM5 MEDIUM

The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors.