Critical severityGHSA Advisory· Published Jul 17, 2020· Updated Sep 17, 2024
Directory Traversal
CVE-2020-7684
Description
This affects all versions of package rollup-plugin-serve. There is no path sanitization in readFile operation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
rollup-plugin-servenpm | < 1.0.2 | 1.0.2 |
Affected products
2- Range: < 1.0.2
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-4j46-mp85-mv8cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-7684ghsaADVISORY
- github.com/thgh/rollup-plugin-serve/commit/3d144f2f47e86fcba34f5a144968da94220e3969ghsaWEB
- github.com/thgh/rollup-plugin-serve/releases/tag/v1.0.2ghsaWEB
- snyk.io/vuln/SNYK-JS-FASTHTTP-572886mitrex_refsource_MISC
- vuldb.comghsaWEB
News mentions
0No linked articles in our index yet.