Node.Js · Node.Js · CVE-2017-14849
**Name of the Vulnerable Software and Affected Versions**
Node.js versions 8.5.0
**Description**
The issue allows remote attackers to access unintended files due to a change in ".." handling that is incompatible with the pathname validation used by community modules.
**Recommendations**
For Node.js version 8.5.0, update to version 8.6.0 or later to resolve the issue.