Description
http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/http_static_simple
https://nodesecurity.io/advisories/472
Related Vulnerabilities
CVE-2020-8137 Vulnerability in maven package org.webjars.npm:uppy
CVE-2021-41532 Vulnerability in maven package org.apache.ozone:ozone-recon
CVE-2023-40340 Vulnerability in maven package org.jenkins-ci.plugins:nodejs
CVE-2021-29443 Vulnerability in npm package jose
CVE-2020-13935 Vulnerability in maven package org.apache.tomcat:tomcat-websocket