Description
Path traversal using symlink in npm harp module versions <= 0.29.0.
Remediation
References
https://hackerone.com/reports/530289
Related Vulnerabilities
CVE-2021-3807 Vulnerability in npm package ansi-regex
CVE-2022-25168 Vulnerability in maven package org.apache.hadoop:hadoop-common
CVE-2022-36901 Vulnerability in maven package org.jenkins-ci.plugins:http_request
CVE-2023-29921 Vulnerability in maven package tech.powerjob:powerjob
CVE-2020-35200 Vulnerability in maven package org.igniterealtime.openfire.plugins:clientcontrol