Описание
Path Traversal in buttle
All versions of buttle are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths when fetching files.
Recommendation
No fix is currently available. Consider using an alternative module until a fix is made available.
Пакеты
Наименование
buttle
npm
Затронутые версииВерсия исправления
<= 0.2.0
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
больше 7 лет назад
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.