CVE-2014-10066

Name of the Vulnerable Software and Affected Versions fancy-server versions prior to 0.1.4

Description The issue allows an attacker to perform a directory traversal attack by providing input such as ../ to read files outside of the served directory. This can be achieved through standard attack vectors.

Recommendations For versions prior to 0.1.4, upgrade to version 0.1.4 or greater. As a temporary workaround, consider restricting access to sensitive files and directories until the upgrade is applied.