Description
A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.
Remediation
References
https://hackerone.com/reports/358645
Related Vulnerabilities
CVE-2021-21685 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2022-4135 Vulnerability in npm package electron
CVE-2016-10540 Vulnerability in npm package minimatch
CVE-2022-25231 Vulnerability in npm package node-opcua
CVE-2022-2191 Vulnerability in maven package org.eclipse.jetty:jetty-server