Description
Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.
Remediation
References
https://hackerone.com/reports/569966
Related Vulnerabilities
CVE-2021-23374 Vulnerability in npm package ps-visitor
CVE-2021-28918 Vulnerability in npm package netmask
CVE-2021-40823 Vulnerability in npm package matrix-js-sdk
CVE-2020-28472 Vulnerability in npm package @aws-sdk/shared-ini-file-loader
CVE-2021-34371 Vulnerability in maven package org.neo4j:neo4j