serve-here@1.5.6 vulnerabilities

local static server

latest version

3.2.0

first published

10 years ago

latest version published

8 years ago

deprecated

Package is deprecated

licenses detected

MIT
>=0

View serve-here package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the serve-here package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Directory Traversal Note The `serve-here` package has been deprecated by the author and replaced by `@vivaxy/here` package. serve-here was a Local static server which has been renamed to `@vivaxy/here`. Affected versions of this package are vulnerable to Directory Traversal. A crafted request can be used to traverse the directory structure of a host using the `serve-here` package, and request arbitrary files outside of the specified web root. How to fix Directory Traversal? There is no fixed version for `serve-here`.	*

Directory Traversal

Note The serve-here package has been deprecated by the author and replaced by @vivaxy/here package.

serve-here was a Local static server which has been renamed to @vivaxy/here.

Affected versions of this package are vulnerable to Directory Traversal. A crafted request can be used to traverse the directory structure of a host using the serve-here package, and request arbitrary files outside of the specified web root.

How to fix Directory Traversal?

There is no fixed version for serve-here.

Go back to all versions of this package