Description
Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`. Version 0.2.10 has a directory traversal vulnerability that is exploitable via the URL path in GET requests.
Remediation
References
https://nodesecurity.io/advisories/150
Related Vulnerabilities
CVE-2018-19797 Vulnerability in npm package node-sass
CVE-2020-7755 Vulnerability in npm package dat.gui
CVE-2023-30529 Vulnerability in maven package org.jenkins-ci.plugins:lucene-search
CVE-2020-17479 Vulnerability in npm package jpv
CVE-2018-9207 Vulnerability in maven package org.webjars.bowergithub.blueimp:jquery-file-upload