Description
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.
Remediation
References
https://github.com/vitejs/vite/issues/8498
https://github.com/vitejs/vite/releases/tag/v2.9.13
https://github.com/vitejs/vite/releases/tag/v3.0.0-beta.4
Related Vulnerabilities
CVE-2011-1772 Vulnerability in maven package org.apache.struts.xwork:xwork-core
CVE-2021-43787 Vulnerability in npm package nodebb
CVE-2021-23371 Vulnerability in npm package chrono-node
CVE-2023-2972 Vulnerability in npm package @antfu/utils
CVE-2022-35915 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts