[ https://issues.apache.org/jira/browse/THRIFT-4647?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James E. King III updated THRIFT-4647: -------------------------------------- Labels: SECURITY (was: ) > [CVE-2018-11798] Node.js Fileserver webroot path > ------------------------------------------------- > > Key: THRIFT-4647 > URL: https://issues.apache.org/jira/browse/THRIFT-4647 > Project: Thrift > Issue Type: Bug > Components: Node.js - Library > Reporter: Jake Farrell > Assignee: Jake Farrell > Priority: Critical > Labels: SECURITY > Fix For: 0.12.0 > > > Node.js fileserver allows for escaping the set file path -- This message was sent by Atlassian JIRA (v7.6.3#76005)