Vulnerabilidades en esm-dev
9 resultadosCVE-2025-59342MEDIUMesm.sh writes arbitrary files via path traversal in `X-Zone-Id` headerEPSS 2.8%CVE-2025-59341HIGHLocal File Inclusion in esm.shEPSS 1.5%CVE-2025-65025HIGHesm.sh CDN service has arbitrary file write via tarslipEPSS 0.5%CVE-2026-23644HIGHesm.sh has path traversal in `extractPackageTarball` that enables file writes from malicious packagesEPSS 0.5%CVE-2025-65026MEDIUMesm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScriptEPSS 0.4%CVE-2025-50180HIGHesm.sh is vulnerable to full-response SSRFEPSS 0.4%CVE-2026-44593HIGHesm.sh: Legacy Route Path Traversal Can Lead to RCEEPSS 0.4%CVE-2026-27730HIGHesm.sh has SSRF localhost/private-network bypass in `/http(s)` module routeEPSS 0.3%CVE-2026-44594HIGHesm.sh: Path Traversal via package.json browser field allows reading arbitrary server filesEPSS 0.3%