Description
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
Remediation
References
https://hackerone.com/reports/569966
Related Vulnerabilities
CVE-2020-15174 Vulnerability in maven package org.webjars.npm:electron
CVE-2021-39185 Vulnerability in maven package org.http4s:http4s-server
CVE-2022-34113 Vulnerability in maven package io.dataease:dataease-plugin-common
CVE-2021-23369 Vulnerability in npm package handlebars
CVE-2014-0002 Vulnerability in maven package org.apache.camel:camel-core