CVE-2018-16479
CVE-2018-16479 affects the package http-live-simulator (versions before 1.0.7). The root cause is insufficient input sanitization in the pathname, allowing a path traversal attack by appending extra slashes after the URL, which can lead to unauthorized access to arbitrary files on disk. Public ad...