Description
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.
Remediation
References
https://hackerone.com/reports/358645
Related Vulnerabilities
CVE-2022-35949 Vulnerability in maven package org.webjars.npm:undici
CVE-2017-5858 Vulnerability in npm package converse.js
CVE-2023-34981 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2021-46361 Vulnerability in maven package info.magnolia:magnolia-core
CVE-2022-3971 Vulnerability in npm package matrix-appservice-irc