CVE-2020-7682
CVE-2020-7682 concerns all versions of the npm package marked-tree, with no path sanitization in fs.readFile called from index.js. The connected Snyk entry confirms a Directory Traversal vulnerability that can read arbitrary files outside the web root and provides a PoC demonstrating traversal vi...