Description
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
Remediation
References
https://github.com/vitejs/vite/issues/8498
https://github.com/vitejs/vite/releases/tag/v2.9.13
https://github.com/vitejs/vite/releases/tag/v3.0.0-beta.4
Related Vulnerabilities
CVE-2021-23358 Vulnerability in maven package org.webjars.bowergithub.jashkenas:underscore
CVE-2020-36182 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2021-23346 Vulnerability in npm package html-parse-stringify
CVE-2017-3203 Vulnerability in maven package org.springframework.flex:spring-flex-core
CVE-2022-34113 Vulnerability in maven package io.dataease:dataease-plugin-common