CVE-2025-8021
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-23
Last updated on: 2025-07-25
Assigner: Snyk
Description
Description
All versions of the package files-bucket-server are vulnerable to Directory Traversal where an attacker can traverse the file system and access files outside of the intended directory.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| npm | files-bucket-server | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Directory Traversal issue in all versions of the package files-bucket-server. It allows an attacker to navigate the file system beyond the intended directory, potentially accessing unauthorized files.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability can access sensitive files outside the intended directory, which may lead to unauthorized disclosure of information and potential security breaches.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70