Skip to main content

Hekto

2 CVEs product

Monthly

CVE-2018-3725 npm HIGH POC PATCH This Week

hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Hekto
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2018-3743 npm MEDIUM POC PATCH This Month

Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Hekto
NVD
CVSS 3.1
6.1
EPSS
0.9%
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Hekto
NVD
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Hekto
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy