min-http-server@1.0.6 vulnerabilities

A simple http server which start at random port

Known vulnerabilities in the min-http-server package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Directory Traversal min-http-server is a zero-configuration, lightweight http static resource server. Affected versions of this package are vulnerable to Directory Traversal. It allows specifying paths relative to the `webroot` directory. How to fix Directory Traversal? There is no fixed version for `min-http-server`.	*
M Cross-site Scripting (XSS) min-http-server is a zero-configuration, lightweight http static resource server. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). An attacker with access to the server file system could execute arbitrary JavaScript code in victim's browser. How to fix Cross-site Scripting (XSS)? There is no fixed version for `min-http-server`.	*