Publish GHSA-vmhw-fhj6-m3g5

advisory-database[bot] · advisory-database[bot] · commit 3311826e59ac · 2026-02-11T22:29:21.000Z
diff --git a/advisories/github-reviewed/2019/05/GHSA-vmhw-fhj6-m3g5/GHSA-vmhw-fhj6-m3g5.json b/advisories/github-reviewed/2019/05/GHSA-vmhw-fhj6-m3g5/GHSA-vmhw-fhj6-m3g5.json
@@ -1,12 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vmhw-fhj6-m3g5",
-  "modified": "2020-08-31T18:31:33Z",
+  "modified": "2026-02-11T22:27:32Z",
   "published": "2019-05-31T23:46:33Z",
   "aliases": [],
   "summary": "Path Traversal in angular-http-server",
   "details": "Versions of `angular-http-server` before 1.4.4 are vulnerable to path traversal.\n\n\n## Recommendation\n\nUpdate to version 1.4.4 or later.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
   "affected": [
     {
       "package": {
@@ -37,6 +42,10 @@
       "type": "WEB",
       "url": "https://hackerone.com/reports/330349"
     },
+    {
+      "type": "PACKAGE",
+      "url": "https://github.com/simonh1000/angular-http-server"
+    },
     {
       "type": "WEB",
       "url": "https://www.npmjs.com/advisories/656"
