CVE-2020-36629
CVSS V2 None
CVSS V3 None
Description
A vulnerability classified as critical was found in SimbCo httpster. This vulnerability affects the function fs.realpathSync of the file src/server.coffee. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. The name of the patch is d3055b3e30b40b65d30c5a06d6e053dffa7f35d0. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216748.
Overview
- CVE ID
- CVE-2020-36629
- Assigner
- cna@vuldb.com
- Vulnerability Status
- Analyzed
- Published Version
- 2022-12-25T11:15:10
- Last Modified Date
- 2023-01-04T20:49:04
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:httpster_project:httpster:*:*:*:*:*:node.js:*:* | 1 | OR | 2020-11-19 |
References
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2020-36629 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36629 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-12-25 12:16:04 | Added to TrackCVE | |||
| 2022-12-25 12:16:04 | Weakness Enumeration | new | ||
| 2022-12-27 14:15:41 | 2022-12-27T13:48:11 | CVE Modified Date | updated | |
| 2022-12-27 14:15:41 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2022-12-27 14:15:45 | CVSS V3 information | new | ||
| 2022-12-29 19:14:29 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |
| 2022-12-29 19:14:32 | CVSS V3 information | new | ||
| 2023-01-04 21:14:33 | 2023-01-04T20:49:04 | CVE Modified Date | updated | |
| 2023-01-04 21:14:33 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
| 2023-01-04 21:14:35 | CPE Information | updated | ||
| 2023-01-04 21:14:35 | CVSS V3 information | new |