Vulnerabilities (CVE)

Filtered by vendor Send Project Subscribe
Filtered by product Send
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-8859 1 Send Project 1 Send 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors.
CVE-2024-43799 1 Send Project 1 Send 2024-09-20 N/A 4.7 MEDIUM
Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0.