High severity7.5NVD Advisory· Published Nov 29, 2022· Updated Jun 17, 2026
CVE-2022-25848
CVE-2022-25848
Description
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- static-dev-server/static-dev-serverdescription
- ghsa-coords
Patches
Vulnerability mechanics
References
4- gist.github.com/lirantal/5550bcd0bdf92c1b56fbb20e141fe5bdnvdExploitThird Party AdvisoryWEB
- security.snyk.io/vuln/SNYK-JS-STATICDEVSERVER-3149917nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-7fxm-c848-89q8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-25848ghsaADVISORY
News mentions
0No linked articles in our index yet.