Skip to main content

Webpack Dev Middleware

1 CVEs product

Monthly

CVE-2024-29180 npm HIGH POC PATCH This Week

Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Webpack Dev Middleware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Webpack Dev Middleware
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy