EPSS
Percentile
78.3%
Versions of serve prior to 7.0.1 are vulnerable to Path Traversal. Explicitly ignored folders can be accessed through if the path contains a /./, which allows attackers to access hidden folders and files.
serve
/./
Upgrade to version 7.0.1 or later.
github.com/advisories/GHSA-v588-qcp3-jv46
hackerone.com/reports/330724
nvd.nist.gov/vuln/detail/CVE-2019-5415
www.npmjs.com/advisories/1010