CVE-2018-3718: Improper Handling of URL Encoding (Hex Encoding)

June 7, 2018 (updated October 9, 2019)

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.

References

nvd.nist.gov/vuln/detail/CVE-2018-3718

Detect and mitigate CVE-2018-3718 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →