CVE-2020-36651
Path Traversal in web-node-server
7.5
HIGH
CVSS 3.1
EPSS 0.33%
描述
A vulnerability has been found in youngerheart nodeserver and classified as critical. Affected by this vulnerability is an unknown functionality of the file nodeserver.js. The manipulation leads to path traversal. The name of the patch is c4c0f0138ab5afbac58e03915d446680421bde28. It is recommended to apply a patch to fix this issue. The identifier VDB-218461 was assigned to this vulnerability.
如何修補 CVE-2020-36651
要修補 CVE-2020-36651,請將受影響套件升級到下列已修補版本。
- —升級至 0.0.11 或更新版本
CVE-2020-36651 正在被利用嗎?
低 — EPSS 為 0.3%,目前沒有觀察到大規模利用活動。
受影響套件(1)
- from 0, < 0.0.11
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |