1 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory. Esto afecta a todas las versiones del paquete static-dev-server. Esto se debe a que cuando se unen las rutas de los usuarios al directorio raíz, los activos de la ruta a la que se accede son relativos a los del directorio raíz. • https://gist.github.com/lirantal/5550bcd0bdf92c1b56fbb20e141fe5bd https://security.snyk.io/vuln/SNYK-JS-STATICDEVSERVER-3149917 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •