Description
cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://nodesecurity.io/advisories/347
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/cyber-js
Related Vulnerabilities
CVE-2020-15125 Vulnerability in npm package auth0
CVE-2023-49381 Vulnerability in maven package com.jfinal:jfinal
CVE-2021-29485 Vulnerability in maven package io.ratpack:ratpack-session
CVE-2023-32261 Vulnerability in maven package org.jenkins-ci.plugins:dimensionsscm
CVE-2018-14042 Vulnerability in maven package org.webjars.bowergithub.angular-ui:bootstrap