CVE-2024-46503

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Simple-Spellchecker version 1.0.2

Description An issue in the readFileSync function allows attackers to read arbitrary files via a directory traversal. This issue affects the readFileSync function, enabling attackers to read any file.

Recommendations For Simple-Spellchecker version 1.0.2, consider disabling the readFileSync function as a temporary workaround until a patch is available. Restrict access to sensitive files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2024-46503

Affected Products

Simple-Spellchecker

CVE-2024-46503

Related Identifiers

Affected Products

References · 7