Public.js Project Public.js — known CVE vulnerabilities
Every CVE whose affected-product data names Public.js Project Public.js, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-3731 — CVSS 7.5 (high): public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read…
CVE-2018-3747 — CVSS 6.1 (medium): The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious…