Description
A path traversal in statics-server exists in all version that allows an attacker to perform a path traversal when a symlink is used within the working directory.
Remediation
References
https://hackerone.com/reports/695416
Related Vulnerabilities
CVE-2022-29546 Vulnerability in maven package net.sourceforge.htmlunit:neko-htmlunit
CVE-2021-21290 Vulnerability in maven package io.netty:netty-common
CVE-2022-25929 Vulnerability in npm package smoothie
CVE-2021-44667 Vulnerability in maven package com.alibaba.nacos:nacos-common
CVE-2021-39149 Vulnerability in maven package com.thoughtworks.xstream:xstream