Description
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.
Remediation
References
https://hackerone.com/reports/358112
Related Vulnerabilities
CVE-2020-7744 Vulnerability in maven package com.mintegral.msdk:alphab
CVE-2022-45392 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration
CVE-2023-26102 Vulnerability in npm package rangy
CVE-2017-16100 Vulnerability in npm package dns-sync
CVE-2018-16487 Vulnerability in npm package lodash.mergewith