Path Traversal

2019-06-14T15:26:57
ID NODEJS:967
Type nodejs
Reporter libcontainer
Modified 2019-06-18T19:59:57

Description

Overview

All versions of static-resource-server are vulnerable to Path Traversal. Due to insufficient input sanitization, attackers can access server files by using relative paths.

Recommendation

No fix is currently available. Consider using an alternative module until a fix is made available.

References