simplehttpserver@0.0.5 vulnerabilities
Simple HTTP Server for static files. Intended as testing and development tool
-
latest version
0.3.0
-
first published
12 years ago
-
latest version published
6 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the simplehttpserver package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
simplehttpserver is an simple imitation of Python's SimpleHTTPServer and is intended for testing, development and debugging purposes. Affected versions of this package are vulnerable to Firectory Traversal attacks. A malicious user could list file in the folder. This might expose vectors to attack system with Remote Code Execution, reveals files with usernames and passwords and many other possibilities. How to fix Directory Traversal? There is no fix version for |
*
|
simplehttpserver is an simple imitation of Python's SimpleHTTPServer and is intended for testing, development and debugging purposes Affected versions of this package are vulnerable to Directory Traversal. It gets the path name of a url and adds it to the web root. A malicious user could list the files in the folder. How to fix Directory Traversal? Upgrade |
<0.2.1
|
simplehttpserver is simple imitation of python's SimpleHTTPServer and intended for testing, development and debugging purposes. Affected versions of this package are vulnerable to Cross-Site Scripting (XSS). It allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript. How to fix Cross-site Scripting (XSS)? There is no fix version for |
*
|