CVE-2025-59342 | esm-dev esm.sh up to 136 HTTP Header X-Zone-Id path traversal (GHSA-g2h5-cvvr-7gmw)

A vulnerability was found in esm-dev esm.sh up to 136 and classified as critical. This impacts an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Zone-Id results in path traversal: ‘../filedir’.

This vulnerability is reported as CVE-2025-59342. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More