GHSA-7fxm-c848-89q8

Source
https://github.com/advisories/GHSA-7fxm-c848-89q8
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-7fxm-c848-89q8/GHSA-7fxm-c848-89q8.json
Aliases
  • CVE-2022-25848
Published
2022-11-29T18:30:18Z
Modified
2023-11-08T04:08:49.012572Z
Details

A path traversal vulnerability affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory. There is currently no known workaround or fix for this issue.

References

Affected packages

npm / static-dev-server

Package

Affected ranges

Affected versions

1.*

1.0.0