Description
node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/node-simple-router
https://nodesecurity.io/advisories/352
Related Vulnerabilities
CVE-2020-7793 Vulnerability in maven package org.webjars.npm:ua-parser-js
CVE-2022-21169 Vulnerability in npm package express-xss-sanitizer
CVE-2022-41929 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2022-34112 Vulnerability in maven package io.dataease:dataease-plugin-common
CVE-2022-36025 Vulnerability in maven package org.hyperledger.besu:evm