serve-handler@2.4.1 vulnerabilities
The routing foundation of `serve`
-
latest version
6.1.6
-
latest non vulnerable version
-
first published
7 years ago
-
latest version published
a month ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the serve-handler package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
serve-handler is a package responsible for routing requests and handling responses. Affected versions of this package are vulnerable to Information Exposure. The How to fix Information Exposure? Upgrade |
<5.0.8
|
The module provides a directory listing feature in it's HTTP server which does not sanitise the filename potentially allowing a malicious payload in the filename could be used to invoke an XSS. How to fix Cross-site Scripting (XSS)? Upgrade |
<5.0.3
|