webpack-dev-middleware@1.7.0 vulnerabilities
A development middleware for webpack
-
latest version
7.4.2
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
3 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the webpack-dev-middleware package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Path Traversal due to insufficient validation of the supplied URL address before returning the local file. This issue allows accessing any file on the developer's machine. The middleware can operate with either the physical filesystem or a virtualized in-memory Notes:
How to fix Path Traversal? Upgrade |
<5.3.4
>=6.0.0 <6.1.2
>=7.0.0 <7.1.0
|