CVE-2014-3744

The CVE-2014-3744 issue is a directory traversal vulnerability in the Node.js st module prior to 0.2.5. Vulnerable versions mishandle URL-encoded dots (e.g., %2e and %2e%2e), allowing remote attackers to read arbitrary files on the server. Evidence from multiple sources confirms the affected comp...