Description
A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.
Remediation
References
https://hackerone.com/reports/570133
Related Vulnerabilities
CVE-2021-30246 Vulnerability in maven package org.webjars.bower:jsrsasign
CVE-2021-21353 Vulnerability in npm package pug
CVE-2022-24794 Vulnerability in npm package express-openid-connect
CVE-2021-44906 Vulnerability in npm package minimist
CVE-2022-21653 Vulnerability in maven package org.typelevel:jawn-parser_3