Published on: Not Yet Published
Last Modified on: 02/01/2023 04:35:00 PM UTC
CVE-2022-21192Source: Mitre Source: NIST CVE.ORG Print: PDF
Certain versions of Serve-lite from Serve-lite Project contain the following vulnerability:
All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join().
- CVE-2022-21192 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.5 - HIGH
|Path traversal vulnerability in [email protected] · GitHub|| gist.github.com |
|Directory Traversal in serve-lite | CVE-2022-21192 | Snyk|| security.snyk.io |
There are currently no QIDs associated with this CVE
Exploit/POC from Github
All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or oth…
Known Affected Configurations (CPE V2.3)
No vendor comments have been submitted for this CVE
|@CVEreport||CVE-2022-21192 : All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input… twitter.com/i/web/status/1…||2023-01-26 21:37:05|