Description
This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js.
Remediation
References
https://snyk.io/vuln/SNYK-JS-FASTHTTP-572892
Related Vulnerabilities
CVE-2011-3190 Vulnerability in maven package tomcat:tomcat-coyote
CVE-2020-7639 Vulnerability in npm package @eivifj/dot
CVE-2022-31018 Vulnerability in maven package com.typesafe.play:play_2.13
CVE-2020-35217 Vulnerability in maven package io.vertx:vertx-web
CVE-2023-40809 Vulnerability in maven package org.opencrx:opencrx-core-models