Description
node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
Remediation
References
https://hackerone.com/reports/309124
Related Vulnerabilities
CVE-2022-29577 Vulnerability in maven package org.owasp:antisamy
CVE-2020-2256 Vulnerability in maven package org.jenkins-ci.plugins:pipeline-maven-parent
CVE-2022-25853 Vulnerability in npm package semver-tags
CVE-2020-7961 Vulnerability in maven package com.liferay.portal:portal-impl
CVE-2019-17495 Vulnerability in maven package org.webjars:swagger-ui