EPSS
Percentile
79.3%
fast-http is vulnerable to directory traversal. Lack of path sanitization in the fs.readfile function in index.js allows an attacker to access arbitrary files outside of the web root.
fs.readfile
index.js
github.com/cedced19/fast-http/blob/0.1.3/index.js#L35