GHSA-3227-r97m-8j95: Relative Path Traversal in afire serve_static
This vulnerability effects the built-in afire serve_static extension allowing paths containing //.... to bypass the previous path sanitation and request files in higher directories that should not be accessible.
References
Code Behaviors & Features
Detect and mitigate GHSA-3227-r97m-8j95 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →