Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2015-8859 | 1 Send Project | 1 Send | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors. | |||||
CVE-2024-43799 | 1 Send Project | 1 Send | 2024-09-20 | N/A | 4.7 MEDIUM |
Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0.19.0. |