Description
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.
Remediation
References
https://hackerone.com/reports/358645
Related Vulnerabilities
CVE-2021-23382 Vulnerability in npm package postcss
CVE-2020-35202 Vulnerability in maven package org.igniterealtime.openfire.plugins:dbaccess
CVE-2018-18854 Vulnerability in maven package io.spray:spray-json
CVE-2021-21349 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2021-23337 Vulnerability in maven package org.webjars.npm:lodash