Homepage

@vendure/asset-server-plugin

The `AssetServerPlugin` serves assets (images and other files) from the local file system. It can also perform on-the-fly image transformations and caches the results for subsequent calls.
Licenses: MIT | GPL-3.0
Published: 7 years ago Last updated: 24 days ago Latest version: 3.6.3 Latest non-vulnerable version: 3.7.0-minor-202605290309

License

MIT>=0.1.0 <3.0.0-next.0;
GPL-3.0>=3.0.0-next.0;
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @vendure/asset-server-plugin package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Directory Traversal

<2.3.3>=3.0.0 <3.0.5

Package versions

568 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
3.7.0-minor-20260529030929 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260528030928 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260522030922 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260521030921 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260520030820 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260519030919 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260518030918 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260516030716 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260515030815 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
3.7.0-minor-20260512030812 May, 2026
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L