{"vulnerability": "CVE-2018-3715", "sightings": [{"uuid": "7be81008-8f2b-4d66-b64f-da86e89c11b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3715", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8356", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-25937\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P)\n\ud83d\udd39 Description: Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180129).\n\ud83d\udccf Published: 2023-02-13T05:00:01.128Z\n\ud83d\udccf Modified: 2025-03-21T14:52:00.741Z\n\ud83d\udd17 References:\n1. https://security.snyk.io/vuln/SNYK-JS-GLANCE-3318395\n2. https://github.com/jarofghosts/glance/commit/8cecfe90286e0c45a5494067f1b592d0ccfeabac", "creation_timestamp": "2025-03-21T15:19:37.000000Z"}, {"uuid": "afaf98de-1d97-4ace-af83-ab3d34e183e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3715", "type": "seen", "source": "https://t.me/cibsecurity/57985", "content": "\u203c CVE-2022-25937 \u203c\n\nVersions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180129).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T07:29:32.000000Z"}, {"uuid": "4c76bb8c-a7cc-4052-92f5-966a75854214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-3715", "type": "seen", "source": "https://t.me/VulnerabilityNews/31774", "content": "Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://ift.tt/BKXdGsO).\nPublished at: February 13, 2023 at 06:15AM\nView on website", "creation_timestamp": "2023-02-13T07:42:44.000000Z"}]}