Описание
Directory Traversal in serve
Versions of serve before 7.1.3 are vulnerable to Directory Traversal. File paths are not sanitized leading to unauthorized access of system files.
Recommendation
Upgrade to version 7.1.3 or later
Пакеты
Наименование
serve
npm
Затронутые версииВерсия исправления
< 7.1.3
7.1.3
Связанные уязвимости
CVSS3: 7.5
nvd
почти 7 лет назад
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.