@gkatsev/grunt-harp (>=0.18.0 <=0.19.0), @mobify/documentation-theme (>=1.11.3 <=2.0.0-preview.2-dev) +20 more potentially affected by CVE-2019-5437 via harp (>=0.11.2 <=0.32.0)

harp NPM version =0.11.2, =0.18.0, =1.11.3, =1.11.3, =0.0.3, =0.0.8, =0.0.1, =0.0.1, =0.0.1-1, =0.0.1, =0.1.0, =0.1.0, =0.2.9 - n-p-m =1.1.0 and more Source cves: CVE-2019-5437 Source advisory: OSV:GHSA-46HV-7769-J7RX...

CVE-2019-5437

Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are = 0.29.0 and no fix was applied to our knowledge...

CVE-2019-5437

Summary: The CVE concerns the npm module harp (Node.js web server). Affected versions are