2 matches found
CVE-2022-21192
All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join...
CVE-2022-21192
CVE-2022-21192 affects the lightweight HTTP server package serve-lite . The vulnerability is a Directory Traversal caused by missing input sanitization of the request URL, which is passed as-is to path.join(), enabling access to files outside the intended directory. Affects all versions prior to ...