Security advisory for loopback-component-storage
42 views
Skip to first unread message
mbaj...@gmail.com
Mar 13, 2017, 10:07:42 AM3/13/17
to LoopBackJS Announcements
Description
A security leak exposing loopback-component-storage to directory traversal attack. The component was exposed to a vulnerability where an attacker could use a command to retrieve the content of the server.js file of a LoopBack application and crash the server.
Versions affected
loopback-component-storage 3.0.0 and earlier. Since this affects a component, it applies to both LoopBack v2 and v3 apps.
loopback-component-storage 3.0.0 and earlier. Since this affects a component, it applies to both LoopBack v2 and v3 apps.
Please see http://loopback.io/doc/en/lb3/Security-advisory-03-10-2017.html for more details.
Miroslav
Reply all
Reply to author
Forward
0 new messages