What the vulnerability does

01Description

Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.

Key dates

02Disclosure timeline

July 10, 2019 CVE published
August 4, 2024 Record updated