Headline
GHSA-mv48-hcvh-8jj8: Vitejs Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim’s service.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2022-35204
Vitejs Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim’s service
Moderate severity GitHub Reviewed Published Aug 19, 2022 • Updated Aug 30, 2022
Affected versions
< 2.9.13
Description
Related news
CVE-2022-35204: Unrestricted directory traversal with `@fs` (Bypass) · Issue #8498 · vitejs/vite
Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service.