GHSA-vcxh-qvgr-9fw9

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-vcxh-qvgr-9fw9/GHSA-vcxh-qvgr-9fw9.json
Aliases
  • CVE-2023-26126
Published
2023-05-10T06:30:27Z
Modified
2023-05-17T12:59:15Z
Details

All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.

References

Affected packages

npm / m.static

m.static

Affected ranges

Type
SEMVER
Events
Introduced
0
Last affected
2.2.0

Affected versions