EPSS
Percentile
39.6%
@node-red/runtime is vulnerable to directory traversal. The vulnerability exists as users with the projects.read permission can access any file via the Projects API.
projects.read
Projects
github.com/node-red/node-red/commit/74db3e17d075f23d9c95d7871586cf461524c456
github.com/node-red/node-red/releases/tag/1.2.8
github.com/node-red/node-red/security/advisories/GHSA-m33v-338h-4v9f
www.npmjs.com/package/@node-red/runtime