httpster@0.6.0 vulnerabilities

Simple http server for static content

Direct Vulnerabilities

Known vulnerabilities in the httpster package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Directory Traversal

httpster is a Simple http server for static content

Affected versions of this package are vulnerable to Directory Traversal via the fs.realpathSync function of the src/server.coffee file.

How to fix Directory Traversal?

Upgrade httpster to version 1.0.6 or higher.

<1.0.6