Description
This affects all versions of package rollup-plugin-serve. There is no path sanitization in readFile operation.
Remediation
References
https://vuldb.com/?id.158745
https://snyk.io/vuln/SNYK-JS-FASTHTTP-572886
Related Vulnerabilities
CVE-2018-3711 Vulnerability in npm package fastify
CVE-2021-26539 Vulnerability in npm package sanitize-html
CVE-2021-32620 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2021-32822 Vulnerability in npm package hbs
CVE-2018-19361 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind