Description
serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/serverhuwenhui
https://nodesecurity.io/advisories/366
Related Vulnerabilities
CVE-2021-21368 Vulnerability in npm package msgpack5
CVE-2020-15999 Vulnerability in npm package electron
CVE-2020-8137 Vulnerability in maven package org.webjars.npm:uppy
CVE-2021-31522 Vulnerability in maven package org.apache.kylin:kylin-server-base
CVE-2011-2481 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core