Description
Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`. Version 0.2.10 has a directory traversal vulnerability that is exploitable via the URL path in GET requests.
Remediation
References
https://nodesecurity.io/advisories/150
Related Vulnerabilities
CVE-2017-2598 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-2421 Vulnerability in maven package org.webjars.npm:socket.io-parser
CVE-2020-5529 Vulnerability in maven package net.sourceforge.htmlunit:htmlunit
CVE-2018-8027 Vulnerability in maven package org.apache.camel:camel-core
CVE-2018-16487 Vulnerability in maven package org.webjars.npm:lodash.merge