takeapeek@0.1.2 vulnerabilities

A simple static webserver with only one command

Direct Vulnerabilities

Known vulnerabilities in the takeapeek package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

takeapeek is a imple static webserver with only one command. Heavily inspired by glance, this is really more of a learning experience then anything.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The module provides a directory listing feature in it's HTTP server but it does not sanitize the filename allowing a malicious payload in the filename to be used to invoke an XSS.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for takeapeek.

*
  • H
Directory Traversal

takeapeek is a simple static webserver with only one command.

Affected versions of this package are vulnerable to Directory Traversal attacks. A malicious could list directory and files.

How to fix Directory Traversal?

There is no fix version for takeapeek.

*