CVE-2017-16094
CVE-2017-16094 applies to the Node.js-based static file server iter-http , which is vulnerable to directory traversal by placing "../" in the URL. The underlying issue allows an attacker to access files outside the intended directory, potentially disclosing private files on the vulnerable system....