Description
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
Remediation
References
https://github.com/vitejs/vite/issues/8498
https://github.com/vitejs/vite/releases/tag/v2.9.13
https://github.com/vitejs/vite/releases/tag/v3.0.0-beta.4
Related Vulnerabilities
CVE-2021-26540 Vulnerability in maven package org.webjars.npm:sanitize-html
CVE-2021-23450 Vulnerability in npm package dojo
CVE-2023-26104 Vulnerability in npm package lite-web-server
CVE-2020-36181 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2022-29219 Vulnerability in npm package @chainsafe/lodestar