All versions of the package m.static are vulnerable to Directory Traversal due to improper input sanitization of the path being requested via the requestFile function.
{ "github_reviewed_at": "2023-05-11T20:39:15Z", "github_reviewed": true, "nvd_published_at": "2023-05-10T05:15:08Z", "cwe_ids": [ "CWE-22" ], "severity": "HIGH" }