GCVE - cpe:2.3:a:n/a:lite-dev-server:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:lite-dev-server:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Lite Dev Server (`ad303579-3e02-57c6-922c-c45c12f02e48`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-25895`	vulnerable	2026-06-08 05:41:49.643672	Directory Traversal HIGH (7.5) All versions of package lite-dev-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code. Published: 2022-12-21T23:14:33.786Z Updated: 2025-04-16T18:32:59.442Z Open on db.gcve.eu Reference links https://security.snyk.io/vuln/SNYK-JS-LITEDEVSERVER-3153718 https://github.com/shadowwzw/lite-dev-server/blob/master/src/server.js%23L134 https://gist.github.com/lirantal/0f8a48c3f5ac581ce73123abe9f7f120	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.