Description
infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/infraserver
https://nodesecurity.io/advisories/471
Related Vulnerabilities
CVE-2023-42399 Vulnerability in maven package org.webjars.npm:jodit
CVE-2021-41167 Vulnerability in npm package modern-async
CVE-2021-21616 Vulnerability in maven package org.biouno:uno-choice
CVE-2022-43435 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline
CVE-2020-7696 Vulnerability in npm package react-native-fast-image