Releases161
Frequency3 weeks 1 day
Last Release
Stars9.88K
Static file serving and directory listing

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 6.4.94 MEDIUM

serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path.