Description
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.
Remediation
References
https://hackerone.com/reports/312918
Related Vulnerabilities
CVE-2021-34080 Vulnerability in npm package ssl-utils
CVE-2020-5497 Vulnerability in maven package org.mitre:openid-connect-server-webapp
CVE-2017-3203 Vulnerability in maven package org.springframework.flex:spring-flex-core
CVE-2023-26480 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livedata-macro
CVE-2022-29219 Vulnerability in npm package @chainsafe/lodestar