Description
serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serveryaozeyan
https://nodesecurity.io/advisories/355
Related Vulnerabilities
CVE-2021-34084 Vulnerability in npm package s3-uploader
CVE-2022-39382 Vulnerability in npm package @keystone-6/core
CVE-2023-24188 Vulnerability in maven package com.bstek.ureport:ureport2-core
CVE-2019-19899 Vulnerability in maven package com.mitchellbosecke:pebble
CVE-2022-39246 Vulnerability in maven package org.matrix.android:matrix-android-sdk2