Description
A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to.
Remediation
References
https://hackerone.com/reports/330724
Related Vulnerabilities
CVE-2020-28433 Vulnerability in npm package node-latex-pdf
CVE-2015-1369 Vulnerability in npm package sequelize
CVE-2019-13127 Vulnerability in maven package org.webjars.bower:mxgraph
CVE-2019-10793 Vulnerability in maven package org.webjars.bower:dot-object
CVE-2023-31890 Vulnerability in maven package com.glazedlists:glazedlists