The host is installed with Node.js 20.x before 20.11.1, or 21.x before 21.6.2 and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle the experimental permission model. Successful exploitation could allow an attacker to modify the result of path.resolve() using the monkey-patching Buffer internals, leading to a path traversal vulnerabilit ...