Description
This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.
Remediation
References
https://snyk.io/vuln/SNYK-JS-FASTHTTP-572892
Related Vulnerabilities
CVE-2021-30074 Vulnerability in npm package docsify
CVE-2020-7763 Vulnerability in npm package phantom-html-to-pdf
CVE-2021-26291 Vulnerability in maven package org.apache.maven:apache-maven
CVE-2021-21636 Vulnerability in maven package org.jenkins-ci.plugins:tfs
CVE-2022-45387 Vulnerability in maven package org.jenkins-ci.plugins:bart