serve@9.4.2 vulnerabilities

Static file serving and directory listing

Direct Vulnerabilities

Known vulnerabilities in the serve package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Directory Traversal

serve is a static file serving and directory listing.

Affected versions of this package are vulnerable to Directory Traversal. It was possible to fetch files outside of the web root dir with a symlink file on the working dir.

How to fix Directory Traversal?

Upgrade serve to version 11.0.0 or higher.

<11.0.0