Description
Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal. An attacker can provide input such as `../` to read files outside of the served directory.
Remediation
References
https://nodesecurity.io/advisories/9
Related Vulnerabilities
CVE-2021-23358 Vulnerability in maven package org.webjars.bower:underscore
CVE-2022-40664 Vulnerability in maven package org.apache.shiro:shiro-core
CVE-2021-23378 Vulnerability in npm package picotts
CVE-2018-3731 Vulnerability in npm package public
CVE-2019-1003050 Vulnerability in maven package org.jenkins-ci.main:jenkins-core