What the vulnerability does

01Description

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.

Key dates

02Disclosure timeline

June 7, 2018 CVE published
September 16, 2024 Record updated