Vulnerabilities (CVE)

Filtered by vendor Harpjs Subscribe
Filtered by product Harp
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-5438 1 Harpjs 1 Harp 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Path traversal using symlink in npm harp module versions <= 0.29.0.
CVE-2019-5437 1 Harpjs 1 Harp 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge.