Description
This affects all versions of package rollup-plugin-serve. There is no path sanitization in readFile operation.
Remediation
References
https://vuldb.com/?id.158745
https://snyk.io/vuln/SNYK-JS-FASTHTTP-572886
Related Vulnerabilities
CVE-2019-10289 Vulnerability in maven package org.jenkins-ci.plugins:netsparker-cloud-scan
CVE-2016-10703 Vulnerability in npm package ecstatic
CVE-2016-10694 Vulnerability in npm package alto-saxophone
CVE-2018-20677 Vulnerability in maven package org.webjars.bowergithub.angular-ui:bootstrap
CVE-2020-8203 Vulnerability in maven package org.fujion.webjars:lodash