glance@0.1.5 vulnerabilities
disposable fileserver
-
latest version
3.0.9
-
first published
11 years ago
-
latest version published
a year ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the glance package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
glance is a quick disposable http server for static files. Affected versions of this package are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in CVE-2018-3715. How to fix Directory Traversal? Upgrade |
<3.0.9
|
glance is a quick disposable http server for static files. Affected versions of this package are vulnerable to Information Exposure. The config option How to fix Information Exposure? Upgrade |
<3.0.7
|
glance is a quick disposable http server for static files. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attcaks. A File name, containing malicious HTML (eg. embedded iframe element or How to fix Cross-site Scripting (XSS)? There is no fix version for |
*
|
glance is a quick disposable http server for static files. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attcaks. A File name, containing malicious HTML (eg. embedded iframe element or How to fix Cross-site Scripting (XSS)? There is no fix version for |
*
|
glance is a quick disposable http server for static files. Affected versions of this package are vulnerable to Directory Traversal. It allows to read arbitrary files from the server. How to fix Directory Traversal? Upgrade |
<3.0.4
|