Description
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
Remediation
References
https://github.com/vitejs/vite/issues/8498
https://github.com/vitejs/vite/releases/tag/v2.9.13
https://github.com/vitejs/vite/releases/tag/v3.0.0-beta.4
Related Vulnerabilities
CVE-2017-16089 Vulnerability in npm package serverlyr
CVE-2021-23383 Vulnerability in maven package org.webjars.npm:handlebars
CVE-2023-30541 Vulnerability in npm package @openzeppelin/contracts-upgradeable
CVE-2022-22968 Vulnerability in maven package org.springframework:spring-context
CVE-2021-45851 Vulnerability in npm package @frangoteam/fuxa