NodeJS/inert/1.1.0
Static file and directory handlers plugin for hapi.js
https://www.npmjs.com/package/inert
BSD
2 Security Vulnerabilities
Hidden Directories Always Served in inert
Published date: 2020-08-31T22:47:41Z
CVE: CVE-2014-10068
Links:
Versions 1.1.1 and earlier of inert
are vulnerable to an information leakage vulnerability which causes files in hidden directories to be served, even when showHidden is false.
The inert directory handler always allows files in hidden directories to be served, even when showHidden
is false.
Recommendation
Update to version >= 1.1.1.
Affected versions:
["1.0.0", "1.1.0"]
Secure versions:
[2.0.0, 1.1.1, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0, 3.2.1, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.1.0, 4.2.0, 4.2.1, 5.0.0-rc1, 5.0.0-rc2, 5.0.0-rc4, 5.0.0-rc5, 5.0.0-rc7, 5.0.0-rc8, 5.0.0, 5.0.1, 5.1.0, 5.1.1, 5.1.2, 5.1.3]
Recommendation:
Update to version 5.1.3.
Hidden Directories Always Served
Published date: 2014-12-16
CVSS Score: 5.3
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Coordinating vendor: ^Lift Security
Links:
The inert directory handler always allows files in hidden directories to be served, even when showHidden
is false.
Affected versions:
["1.0.0", "1.1.0"]
Secure versions:
[2.0.0, 1.1.1, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.1.4, 2.1.5, 2.1.6, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.2.0, 3.2.1, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.1.0, 4.2.0, 4.2.1, 5.0.0-rc1, 5.0.0-rc2, 5.0.0-rc4, 5.0.0-rc5, 5.0.0-rc7, 5.0.0-rc8, 5.0.0, 5.0.1, 5.1.0, 5.1.1, 5.1.2, 5.1.3]
Recommendation:
Update to version >= 1.1.1.
37 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
1.0.0 | BSD | 2 | 2014-10-09 - 22:39 | over 9 years |
1.1.0 | BSD | 2 | 2014-10-22 - 08:08 | over 9 years |
2.0.0 | BSD | 2014-12-09 - 22:54 | over 9 years | |
1.1.1 | BSD | 2014-12-10 - 13:39 | over 9 years | |
2.1.0 | BSD | 2015-01-12 - 09:54 | over 9 years | |
2.1.1 | BSD | 2015-01-23 - 09:27 | over 9 years | |
2.1.2 | BSD | 2015-01-26 - 17:35 | over 9 years | |
2.1.3 | BSD | 2015-02-09 - 07:44 | about 9 years | |
2.1.4 | BSD | 2015-03-10 - 07:20 | about 9 years | |
2.1.5 | BSD-3-Clause | 2015-05-21 - 17:07 | almost 9 years | |
2.1.6 | BSD-3-Clause | 2015-07-06 - 11:25 | almost 9 years | |
3.0.0 | BSD-3-Clause | 2015-08-08 - 00:40 | over 8 years | |
3.0.1 | BSD-3-Clause | 2015-08-12 - 12:19 | over 8 years | |
3.0.2 | BSD-3-Clause | 2015-10-02 - 13:22 | over 8 years | |
3.1.0 | BSD-3-Clause | 2015-10-06 - 10:17 | over 8 years | |
3.2.0 | BSD-3-Clause | 2015-10-24 - 12:08 | over 8 years | |
3.2.1 | BSD-3-Clause | 2016-05-04 - 09:52 | about 8 years | |
4.0.0 | BSD-3-Clause | 2016-05-09 - 10:39 | almost 8 years | |
4.0.1 | BSD-3-Clause | 2016-07-06 - 15:36 | almost 8 years | |
4.0.2 | BSD-3-Clause | 2016-08-23 - 11:43 | over 7 years | |
4.0.3 | BSD-3-Clause | 2016-11-29 - 02:54 | over 7 years | |
4.0.4 | BSD-3-Clause | 2016-12-22 - 00:00 | over 7 years | |
4.1.0 | BSD-3-Clause | 2016-12-27 - 20:32 | over 7 years | |
4.2.0 | BSD-3-Clause | 2017-04-03 - 11:34 | about 7 years | |
4.2.1 | BSD-3-Clause | 2017-07-22 - 21:43 | almost 7 years | |
5.0.0-rc1 | BSD-3-Clause | 2017-09-28 - 20:49 | over 6 years | |
5.0.0-rc2 | BSD-3-Clause | 2017-10-03 - 09:03 | over 6 years | |
5.0.0-rc4 | BSD-3-Clause | 2017-10-06 - 23:09 | over 6 years | |
5.0.0-rc5 | BSD-3-Clause | 2017-10-07 - 09:36 | over 6 years | |
5.0.0-rc7 | BSD-3-Clause | 2017-10-17 - 18:48 | over 6 years | |
5.0.0-rc8 | BSD-3-Clause | 2017-10-18 - 09:29 | over 6 years | |
5.0.0 | BSD-3-Clause | 2017-11-03 - 19:12 | over 6 years | |
5.0.1 | BSD-3-Clause | 2017-11-03 - 23:58 | over 6 years | |
5.1.0 | BSD-3-Clause | 2018-01-15 - 13:33 | over 6 years | |
5.1.1 | BSD-3-Clause | 2018-11-01 - 08:08 | over 5 years | |
5.1.2 | BSD-3-Clause | 2018-11-07 - 07:39 | over 5 years | |
5.1.3 | BSD-3-Clause | 2019-04-02 - 21:40 | about 5 years |