Homepage

@vendure/asset-server-plugin

The `AssetServerPlugin` serves assets (images and other files) from the local file system. It can also perform on-the-fly image transformations and caches the results for subsequent calls.
Licenses: MIT | GPL-3.0
Published: 7 years ago Last updated: 25 days ago Latest version: 3.6.4 Latest non-vulnerable version: 3.7.0-minor-202606270308

License

MIT>=0.1.0 <3.0.0-next.0;
GPL-3.0>=3.0.0-next.0;
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @vendure/asset-server-plugin package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

<2.3.3>=3.0.0 <3.0.5

Package versions

598 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
3.7.0-minor-20260627030827 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260626031126 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260624030924 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260620030920 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260619031119 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260618031018 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260617031017 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260613030813 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260611030911 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260610030910 Jun, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L