Filtered by vendor Openjsf Subscriptions
Filtered by product Serve-static Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-43800 2 Openjsf, Redhat 9 Serve-static, Network Observ Optr, Openshift Data Foundation and 6 more 2024-09-20 5 Medium
serve-static serves static files. serve-static passes untrusted user input - even after sanitizing it - to redirect() may execute untrusted code. This issue is patched in serve-static 1.16.0.