serve-lite@1.0.0 vulnerabilities
a lightweight http-server for static file-based web development
-
latest version
1.2.1
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
5 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the serve-lite package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
serve-lite is an a lightweight http-server for static file-based web development Affected versions of this package are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the How to fix Directory Traversal? Upgrade |
<1.1.1
|
serve-lite is an a lightweight http-server for static file-based web development Affected versions of this package are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its contents with links that include the actual file names without any sanitization or output encoding. How to fix Cross-site Scripting (XSS)? Upgrade |
<1.1.2
|