Описание
static-dev-server vulnerable to path traversal
A path traversal vulnerability affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory. There is currently no known workaround or fix for this issue.
Пакеты
Наименование
static-dev-server
npm
Затронутые версииВерсия исправления
= 1.0.0
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
около 3 лет назад
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.