serve-here@2.7.4 vulnerabilities

local static server

latest version

3.2.0
first published

9 years ago
latest version published

8 years ago
licenses detected
- MIT
  >=0
View serve-here package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the serve-here package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Directory Traversal Note The `serve-here` package has been deprecated by the author and replaced by `@vivaxy/here` package. serve-here was a Local static server which has been renamed to `@vivaxy/here`. Affected versions of this package are vulnerable to Directory Traversal. A crafted request can be used to traverse the directory structure of a host using the `serve-here` package, and request arbitrary files outside of the specified web root. How to fix Directory Traversal? There is no fixed version for `serve-here`.	*

Directory Traversal

Note The serve-here package has been deprecated by the author and replaced by @vivaxy/here package.

serve-here was a Local static server which has been renamed to @vivaxy/here.

Affected versions of this package are vulnerable to Directory Traversal. A crafted request can be used to traverse the directory structure of a host using the serve-here package, and request arbitrary files outside of the specified web root.

How to fix Directory Traversal?

There is no fixed version for serve-here.

Go back to all versions of this package

serve-here@2.7.4 vulnerabilities

local static server

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities