Critical severity · OSV Advisory · Published Dec 31, 2024 · Updated Apr 15, 2026
CVE-2024-56198
Description
path-sanitizer is a simple lightweight npm package for sanitizing paths to prevent Path Traversal. Prior to 3.1.0, the filters can be bypassed using .=%5c which results in a path traversal. This vulnerability is fixed in 3.1.0.
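A containment check that holds even when a sanitizing filter misses an encoded separator such as `%5c`. This is an added example, not code from path-sanitizer or from the advisory; `decodeFully` and `resolveInside` are hypothetical helper names, and it assumes the input is a URL path component that may still be percent-encoded. The sample inputs in the test are constructed and are not the advisory's payload.

```javascript
// Added example (not path-sanitizer's code): verify containment after sanitizing.
const path = require('node:path');

// Decode percent-encoding until the string stops changing, so %5c and %255c
// both end up as a literal backslash. Returns null on malformed escapes or
// on encoding nested deeper than maxRounds allows.
function decodeFully(input, maxRounds = 3) {
  let current = String(input);
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try {
      next = decodeURIComponent(current);
    } catch {
      return null; // malformed escape such as a lone '%'
    }
    if (next === current) return current;
    current = next;
  }
  return null;
}

// Hypothetical helper: returns the absolute path under baseDir, or null when
// the request would resolve outside it.
function resolveInside(baseDir, userPath) {
  const decoded = decodeFully(userPath);
  if (decoded === null || decoded.includes('\0')) return null;
  // On POSIX, path.resolve does not treat '\' as a separator, so unify first.
  // This is deliberately conservative: backslashes in file names are not kept.
  const unified = decoded.replace(/\\/g, '/');
  const base = path.resolve(baseDir);
  const target = path.resolve(base, unified);
  const rel = path.relative(base, target);
  const escapes =
    rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  return escapes ? null : target;
}
```

Apply the check to the exact value passed to the filesystem API, after any sanitizer has run, and upgrade to 3.1.0 regardless.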
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| path-sanitizer (npm) | < 3.1.0 | 3.1.0 |
References
- github.com/advisories/GHSA-94p5-r7cc-3rpr (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2024-56198 (ghsa, ADVISORY)
- github.com/cabraviva/path-sanitizer/commit/b6d2319eac910dffdfacc8460f5b5cc5a1518ead (nvd, WEB)
- github.com/cabraviva/path-sanitizer/security/advisories/GHSA-94p5-r7cc-3rpr (nvd, WEB)
- www.loom.com/share/b766ece5193842848ce7562fcd559256 (nvd, WEB)