Security Advisory

CVE-2017-14849

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-09-28 00:00:00

Last updated 2024-08-05 19:42:22

Assigner mitre

State PUBLISHED

Description

Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change to ".." handling was incompatible with the pathname validation used by unspecified community modules.

← Browse all CVEs View on cve.org ↗