Description
`gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL.
Remediation
References
https://nodesecurity.io/advisories/350
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/gomeplus-h5-proxy
Related Vulnerabilities
CVE-2019-0227 Vulnerability in maven package org.apache.axis:axis-rt-core
CVE-2022-1365 Vulnerability in npm package cross-fetch
CVE-2017-7672 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2022-21670 Vulnerability in npm package markdown-it
CVE-2020-8929 Vulnerability in maven package com.google.crypto.tink:tink