• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-22

CVE-2020-7757

February 26, 2023 by

This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droopy server.

CVE-2020-7758

February 26, 2023 by

This affects versions of package browserless-chrome before 1.40.2-chrome-stable. User input flowing from the workspace endpoint gets used to create a file path filePath and this is fetched and then sent back to a user. This can be escaped to fetch arbitrary files from a server.

CVE-2020-7762

February 26, 2023 by

This affects the package jsreport-chrome-pdf before 1.10.0.

CVE-2020-7763

February 26, 2023 by

This affects the package phantom-html-to-pdf before 0.6.1.

CVE-2020-7681

February 26, 2023 by

This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js.

CVE-2020-7682

February 26, 2023 by

This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 182
  • Go to page 183
  • Go to page 184
  • Go to page 185
  • Go to page 186
  • Interim pages omitted …
  • Go to page 514
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE