harp@0.40.2 vulnerabilities

Static Web Server/Generator/Bundler

latest version

0.46.1
latest non vulnerable version

0.46.1
first published

11 years ago
latest version published

a year ago
licenses detected
- MIT
  >=0
View harp package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the harp package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Unauthorized File Access harp is a zero-configuration web server with built in pre-processing. Affected versions of this package are vulnerable to Unauthorized File Access. An attacker can access sensitive files on the server when a symlink in the project's base directory points to a file outside of the directory. How to fix Unauthorized File Access? Upgrade `harp` to version 0.40.3 or higher.	<0.40.3

Unauthorized File Access

harp is a zero-configuration web server with built in pre-processing.

Affected versions of this package are vulnerable to Unauthorized File Access. An attacker can access sensitive files on the server when a symlink in the project's base directory points to a file outside of the directory.

How to fix Unauthorized File Access?

Upgrade harp to version 0.40.3 or higher.

<0.40.3

Go back to all versions of this package

harp@0.40.2 vulnerabilities

Static Web Server/Generator/Bundler

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities