CVE-2014-3744

Published October 23rd, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

Directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e (encoded dot dot) in an unspecified path.

isaacs/st

A node module for serving static files. Does etags, caching, etc.

GitHub

382