Description
A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server.
Remediation
References
https://hackerone.com/reports/334837
Related Vulnerabilities
CVE-2023-29199 Vulnerability in npm package vm2
CVE-2018-16485 Vulnerability in npm package m-server
CVE-2023-44487 Vulnerability in maven package io.netty:netty-codec-http2
CVE-2023-33246 Vulnerability in maven package org.apache.rocketmq:rocketmq-broker
CVE-2021-27568 Vulnerability in maven package net.minidev:json-smart