send — CVE history (npm)
send
2 CVEs affect the send npm package (highest CVSS 5.3). Latest disclosed: 2024-09-10. Full CVE history sourced from NVD.
Summary
- Package
send(npm)- Total CVEs
2- Actively exploited (CISA KEV)
- 0
- Highest CVSS
5.3- Latest disclosed
- 2024-09-10
Recent CVEs (top 2)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2024-43799 | Medium | 5.0 | — | 2024-09-10 | Send is a library for streaming files from the file system as a http response. |
CVE-2015-8859 | Medium | 5.3 | — | 2017-01-23 | The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors. |
All-time worst (top 2 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2015-8859 | Medium | 5.3 | — | 2017-01-23 | The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified vectors. |
CVE-2024-43799 | Medium | 5.0 | — | 2024-09-10 | Send is a library for streaming files from the file system as a http response. |