@etalab/cadastre (>=0.14.0 <=0.21.0), @fmidev/smartmet-alert-client (>=3.0.0 <=3.8.8) +13 more potentially affected by CVE-2024-1163 via mapshaper (>=0.3.43 <=0.6.42)

mapshaper NPM version =0.3.43, =0.14.0, =3.0.0, =0.0.1, =0.1.9, =0.0.1, =0.0.3, =2.1.0, =1.3.1, =0.0.1, =0.0.1, =0.1.0, =0.1.1 Source cves: CVE-2024-1163 Source advisory: OSV:GHSA-8M36-62RW-9MXW...

Mapshaper Path Traversal Vulnerability

Mapshaper is a tool for editing Shapefile, GeoJSON, TopoJSON and CSV files. A path traversal vulnerability exists in Mapshaper versions prior to 0.6.44, which stems from a path traversal vulnerability in...