Description
This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.
Remediation
References
https://snyk.io/vuln/SNYK-JS-FASTHTTP-572892
Related Vulnerabilities
CVE-2020-15138 Vulnerability in maven package org.webjars.npm:prismjs
CVE-2021-42228 Vulnerability in npm package kindeditor
CVE-2020-7785 Vulnerability in npm package node-ps
CVE-2020-13936 Vulnerability in maven package org.apache.velocity:velocity-engine-core
CVE-2021-44585 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base