takeapeek@0.1.4 vulnerabilities

A simple static webserver with only one command

  • latest version

    0.2.2

  • first published

    11 years ago

  • latest version published

    8 years ago

  • deprecated

    Package is deprecated

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the takeapeek package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Cross-site Scripting (XSS)

    takeapeek is a imple static webserver with only one command. Heavily inspired by glance, this is really more of a learning experience then anything.

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The module provides a directory listing feature in it's HTTP server but it does not sanitize the filename allowing a malicious payload in the filename to be used to invoke an XSS.

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for takeapeek.

    *
    • H
    Directory Traversal

    takeapeek is a simple static webserver with only one command.

    Affected versions of this package are vulnerable to Directory Traversal attacks. A malicious could list directory and files.

    How to fix Directory Traversal?

    There is no fix version for takeapeek.

    *