Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-7757
This affects all versions of package droppy. It is possible to traverse directories to fetch configuration files from a droopy server.