Description
calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
Remediation
References
https://github.com/JacksonGL/NPM-Vuln-PoC/blob/master/directory-traversal/calmquist.static-server
https://nodesecurity.io/advisories/398
Related Vulnerabilities
CVE-2021-21347 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2021-21412 Vulnerability in npm package @thi.ng/egf
CVE-2020-7642 Vulnerability in npm package lazysizes
CVE-2021-23807 Vulnerability in npm package jsonpointer
CVE-2020-7784 Vulnerability in npm package ts-process-promises