Description
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
Remediation
References
https://hackerone.com/reports/569966
Related Vulnerabilities
CVE-2022-25758 Vulnerability in npm package scss-tokenizer
CVE-2017-16188 Vulnerability in npm package reecerver
CVE-2020-26296 Vulnerability in npm package vega
CVE-2015-0250 Vulnerability in maven package org.apache.xmlgraphics:batik-dom
CVE-2023-37466 Vulnerability in maven package org.webjars.npm:vm2