Oval Definition:oval:com.ubuntu.cosmic:def:20146394000
Revision Date:2014-10-08Version:1
Title:CVE-2014-6394 on Ubuntu 18.10 (cosmic) - medium.
Description:visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-6394
Platform(s):Ubuntu 18.10
Product(s):
Definition Synopsis
  • Ubuntu 18.10 (cosmic) is installed.
  • AND The vulnerability of the 'node-send' package in cosmic is not known (status: 'needs-triage'). It is pending evaluation.
    • BACK