5.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.6%
Information exposure through the directory listing in npm’s harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge.
hackerone.com/reports/453820