Description
calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/calmquist.static-server
https://nodesecurity.io/advisories/398
Related Vulnerabilities
CVE-2015-0250 Vulnerability in maven package org.eclipse.birt.runtime:org.apache.batik.dom
CVE-2018-20677 Vulnerability in maven package org.webjars.bower:bootstrap
CVE-2022-39382 Vulnerability in npm package @keystone-6/core
CVE-2021-3647 Vulnerability in npm package urijs
CVE-2022-29648 Vulnerability in maven package com.jflyfox:jflyfox_jfinal