Description
A Path traversal exists in http_server which allows an attacker to read arbitrary system files.
Remediation
References
https://hackerone.com/reports/692262
Related Vulnerabilities
CVE-2021-43849 Vulnerability in npm package cordova-plugin-fingerprint-aio
CVE-2016-3088 Vulnerability in maven package org.apache.activemq:activemq-fileserver
CVE-2019-16728 Vulnerability in maven package org.webjars.bowergithub.cure53:dompurify
CVE-2023-44487 Vulnerability in maven package io.netty:netty-codec-http2
CVE-2022-25860 Vulnerability in maven package org.webjars.npm:simple-git