Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-3730 | Path Traversal vulnerability in Mcstatic Project Mcstatic 0.0.20 mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path. | 7.5 |
| 2018-06-07 | CVE-2018-3729 | Path Traversal vulnerability in Localhost-Now Project Localhost-Now 1.0.1 localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | 7.5 |
| 2018-06-07 | CVE-2018-3727 | Path Traversal vulnerability in 626 Project 626 1.1.1 626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | 7.5 |
| 2018-06-07 | CVE-2018-3725 | Path Traversal vulnerability in Hekto Project Hekto 0.2.0 hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | 7.5 |
| 2018-06-07 | CVE-2018-3724 | Path Traversal vulnerability in General-File-Server Project General-File-Server general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious user to read content of any file with known path. | 7.5 |
| 2018-06-07 | CVE-2018-3723 | Improper Input Validation vulnerability in Defaults-Deep Project Defaults-Deep defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 8.8 |
| 2018-06-07 | CVE-2018-3722 | Unspecified vulnerability in Merge-Deep Project Merge-Deep merge-deep node module before 3.0.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 8.8 |
| 2018-06-07 | CVE-2018-3720 | Unspecified vulnerability in Assign-Deep Project Assign-Deep assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 8.8 |
| 2018-06-07 | CVE-2018-3719 | Improper Input Validation vulnerability in Mixin-Deep Project Mixin-Deep mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 8.8 |
| 2018-06-07 | CVE-2018-3711 | Allocation of Resources Without Limits or Throttling vulnerability in Fastify Fastify node module before 0.38.0 is vulnerable to a denial-of-service attack by sending a request with "Content-Type: application/json" and a very large payload. | 7.5 |