Description
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.
Remediation
References
https://hackerone.com/reports/358645
Related Vulnerabilities
CVE-2022-23624 Vulnerability in npm package frourio-express
CVE-2022-25936 Vulnerability in npm package servst
CVE-2020-28469 Vulnerability in maven package org.webjars.npm:glob-parent
CVE-2023-26139 Vulnerability in npm package underscore-keypath
CVE-2020-11023 Vulnerability in maven package org.webjars:jquery