Description
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.
Remediation
References
https://hackerone.com/reports/358645
Related Vulnerabilities
CVE-2017-16171 Vulnerability in npm package hcbserver
CVE-2020-7793 Vulnerability in maven package org.webjars.npm:ua-parser-js
CVE-2020-28168 Vulnerability in maven package org.webjars.npm:axios
CVE-2021-43308 Vulnerability in npm package markdown-link-extractor
CVE-2023-3432 Vulnerability in maven package net.sourceforge.plantuml:plantuml