CVE-2018-11798 (retired)

The Apache Thrift Node.js static web server in versions 0.9.2 through
0.11.0 have been determined to contain a security vulnerability in which a
remote user has the ability to access files outside the set webservers
docroot path.
Upstream:released (0.11.0-4)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
More Information

Updated: 2019-03-26 12:26:58 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)