Description
exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to those with a file extension. Files with no extension such as /etc/passwd throw an error.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/exxxxxxxxxxx
https://nodesecurity.io/advisories/478
Related Vulnerabilities
CVE-2022-41252 Vulnerability in maven package org.jenkins-ci.plugins:cons3rt
CVE-2023-3431 Vulnerability in maven package net.sourceforge.plantuml:plantuml
CVE-2022-29167 Vulnerability in maven package org.webjars.npm:hawk
CVE-2022-25912 Vulnerability in npm package simple-git
CVE-2021-41269 Vulnerability in maven package com.cronutils:cron-utils