CVE-2022-28380
CVE-2022-28380 affects the rc-httpd component in plan9front (9front fork) up to 2022-03-31. The issue enables directory traversal via a crafted path containing ..%2f when serve-static is used, exposing potential access to restricted files. The connected sources confirm the vulnerable component an...