Description
pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/pooledwebsocket
https://nodesecurity.io/advisories/341
Related Vulnerabilities
CVE-2023-29208 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2017-11467 Vulnerability in maven package com.orientechnologies:orientdb-core
CVE-2013-6397 Vulnerability in maven package org.apache.solr:solr-velocity
CVE-2023-27495 Vulnerability in npm package @fastify/csrf-protection
CVE-2022-3510 Vulnerability in maven package com.google.protobuf:protobuf-javalite