CVE-2023-39584
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in npm/hexo
Identifiers
CVE-2023-39584
Package Slug
npm/hexo
Vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Description
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability.
Affected Versions
All versions up to 6.3.0, version 7.0.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2023-09-14
| source |