Description
The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors.
Remediation
References
https://nodesecurity.io/advisories/56
http://www.openwall.com/lists/oss-security/2016/04/20/11
http://www.securityfocus.com/bid/96435
Related Vulnerabilities
CVE-2019-18394 Vulnerability in maven package org.igniterealtime.openfire:parent
CVE-2019-10742 Vulnerability in maven package org.webjars.npm:axios
CVE-2023-26115 Vulnerability in npm package word-wrap
CVE-2023-48241 Vulnerability in maven package org.xwiki.platform:xwiki-platform-search-solr-query
CVE-2020-27218 Vulnerability in maven package org.eclipse.jetty:jetty-server