Directory Listing Information Exposure in npm's Harp Module
CVE-2019-5437 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge.
Learn more about our Cis Benchmark Audit For Server Software.