Filtered by vendor Public.js Project Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-3747 1 Public.js Project 1 Public.js 2024-11-21 N/A
The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript.
CVE-2018-3731 1 Public.js Project 1 Public.js 2024-11-21 7.5 High
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.