Statics-server Project Statics-server — known CVE vulnerabilities
Every CVE whose affected-product data names Statics-server Project Statics-server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2019-15596 — CVSS 7.5 (high): A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within…
CVE-2018-3771 — CVSS 6.1 (medium): An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the…