CVE-2025-8021 | THREATINT

Description

All versions of the package files-bucket-server are vulnerable to Directory Traversal where an attacker can traverse the file system and access files outside of the intended directory.

PUBLISHED Reserved 2025-07-22 | Published 2025-07-23 | Updated 2025-07-23 | Assigner snyk

HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P

Problem types

Directory Traversal

Credits

Liran Tal

References

security.snyk.io/vuln/SNYK-JS-FILESBUCKETSERVER-9510944

gist.github.com/...rsal-vulnerability-in-files-bucket-server

cve.org (CVE-2025-8021)

nvd.nist.gov (CVE-2025-8021)

Download JSON