node-libcurl@1.3.1
The fastest http(s) client (and much more) for Node.js - Node.js bindings for libcurl
latest version
5.1.2
latest non vulnerable version
first published
12 years ago
latest version published
4 days ago
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the node-libcurl package. This does not include vulnerabilities belonging to this package’s dependencies.
Fix vulnerabilities automatically
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to External Control of File Name or Path via the When this function is used to duplicate an easy handle with cookies enabled, the cookie-enable state is also cloned. However, the actual cookies are not cloned, and if the source handle did not read any cookies from a specific file on disk, the cloned handle would store the file name as Note: This is only exploitable if a file named Changelog: 2023-10-04: Initial publication 2023-10-11: Published updated information, including CWE, CVSS, official references and affected versions range. How to fix External Control of File Name or Path? Upgrade | <3.0.1-0 |