Description
dylmomo is a simple file server. dylmomo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://nodesecurity.io/advisories/396
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/dylmomo
Related Vulnerabilities
CVE-2019-10342 Vulnerability in maven package io.jenkins.docker:docker-plugin
CVE-2023-26155 Vulnerability in npm package node-qpdf
CVE-2023-26110 Vulnerability in npm package node-bluetooth
CVE-2016-10735 Vulnerability in maven package org.webjars.bowergithub.jasny:bootstrap
CVE-2023-44487 Vulnerability in maven package io.netty:netty-codec-http2