Browser mode serves arbitrary files in vitest

Vitest is a testing framework powered by Vite. The `__screenshot-error` handler on the browser mode HTTP server that responds any file on the file system. Especially if the server is exposed on the network by `browser.api.host: true`, an attacker can send a request to that handler from remote to get the content of arbitrary files.This `__screenshot-error` handler on the browser mode HTTP server responds any file on the file system. This code was added by commit `2d62051`. Users explicitly exposing the browser mode server to the network by `browser.api.host: true` may get any files exposed. This issue has been addressed in versions 2.1.9 and 3.0.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

对路径名的限制不恰当(路径遍历)

Vitest 路径遍历漏洞

Vitest是Vitest开源的一个 Vite 支持的下一代测试框架。 Vitest存在路径遍历漏洞，该漏洞源于浏览器模式HTTP服务器上的__screenshot-error处理程序可响应文件系统上的任何文件。

N/A

N/A