Directory Traversal

Module: send

Published: September 12th, 2014

Reported by: Ilya Kantor

CVE-2014-6394

Vulnerable: < 0.8.4
Patched: >= 0.8.4

Overview

When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory. For example, static(_dirname + '/public') would allow access to _dirname + '/public-restricted'.

Remediation

Upgrade to a version greater than or equal to 0.8.4.

References

Sign up FREE for
nsp Continuous Security

Free for open source and the first private repo,
then just $1/mo per private repo