CVE-2022-25931

Published December 20th, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

All versions of package easy-static-server are vulnerable to Directory Traversal due to missing input sanitization and sandboxes being employed to the req.url user input that is passed to the server code.

cunjieliu/easyServer

a easy server for static file by nodeJs

GitHub