Vulnerability Details CVE-2022-25848
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-25848
-
cpe:2.3:a:static-dev-server_project:static-dev-server:1.0.0