CVE-2024-43799

Published September 10th, 2024

View on NVD ↗

CVSS v3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0.

pillarjs/send

Streaming static file server with Range and conditional-GET support

GitHub

812