PT-2018-16155 · Npm+2 · Public+2

Bl4De +1 · Published 2018-06-07 · Updated 2023-01-30 · CVE-2018-3731

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: public versions prior to 0.1.3

Description: The filePath is not validated, so a malicious user can read the content of any file with a known path (Path Traversal). Because file path sanitization is insufficient, any file on the server that the parent process has access to can be read by a malicious user.

Recommendations: Update to version 0.1.3 or later. As a temporary workaround, consider restricting access to sensitive files until the issue is resolved.
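
An added example, not the public module's own code: a request path turned into a file path with no validation, beside a containment check a static file handler can run before opening anything. `WEB_ROOT`, `resolveUnsafe`, `resolveSafe` and the sample request paths are hypothetical and constructed for illustration.

```javascript
const path = require('path');

// Hypothetical web root (assumption for this example).
const WEB_ROOT = path.resolve('/srv/app/public');

// No validation: ".." segments in the request move the result out of WEB_ROOT.
function resolveUnsafe(requestPath) {
  return path.join(WEB_ROOT, requestPath);
}

// Validated: decode once, resolve, then require the result to stay inside WEB_ROOT.
// Returns the absolute path to serve, or null when the request must be refused.
function resolveSafe(requestPath) {
  let decoded;
  try {
    decoded = decodeURIComponent(requestPath);
  } catch (err) {
    return null; // malformed percent-encoding
  }
  if (decoded.includes('\0')) return null; // NUL byte in a file name
  const candidate = path.resolve(WEB_ROOT, '.' + path.sep + decoded);
  const rel = path.relative(WEB_ROOT, candidate);
  // Comparing via path.relative avoids the prefix pitfall where
  // "/srv/app/public-old" passes a startsWith("/srv/app/public") test.
  const escapes = rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  return escapes ? null : candidate;
}

// Constructed sample request paths.
const SAMPLES = ['/css/site.css', '/../../config/secret.env',
  '/%2e%2e/%2e%2e/config/secret.env', '/../public-old/index.html', '/%zz'];

if (typeof module !== 'undefined' && require.main === module) {
  for (const p of SAMPLES) {
    console.log(p, '| unsafe:', resolveUnsafe(p), '| safe:', resolveSafe(p));
  }
}
```

The check is lexical only; if the web root can contain symlinks, compare the result of `fs.realpathSync` against the real path of the root as well.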

Exploit

Fix

Path traversal

Weakness Enumeration

Related identifiers

CVE-2018-3731
GHSA-RWV8-JVFF-JQ28

Affected products

Public
Public Node Module
Public.Js