@formicarium/tanajura (>=0.0.2 <=1.10.3), starbucket (>=0.9.1 <=1.1.1) +2 more potentially affected by unknown CVE via node-git-server (>=0.0.1 <=0.4.3)

node-git-server NPM version =0.0.1, =0.0.2, =0.9.1, =0.1.0, =0.3.1 Source cves: unknown CVE Source advisory: OSV:GHSA-CV3V-7846-6PXM...

GHSA-CV3V-7846-6PXM Unauthorized File Access in node-git-server

Versions of node-git-server prior to 0.6.1 are vulnerable to Unauthorized File Access. It is possible to access any git repository by using absolute paths, which may allow attackers to access private repositories. Recommendation Upgrade to version 0.6.1 or later...

Unauthorized File Access in node-git-server

Versions of node-git-server prior to 0.6.1 are vulnerable to Unauthorized File Access. It is possible to access any git repository by using absolute paths, which may allow attackers to access private repositories. Recommendation Upgrade to version 0.6.1 or later...

Unauthorized File Access

Overview Versions of node-git-server prior to 0.6.1 are vulnerable to Unauthorized File Access. It is possible to access any git repository by using absolute paths, which may allow attackers to access private repositories. Recommendation Upgrade to version 0.6.1 or later. References - GitHub PR -...