VYPR

npm package

webpack-dev-middleware

pkg:npm/webpack-dev-middleware

Vulnerabilities (1)

  • CVE-2024-29180Mar 21, 2024
    affected >= 7.0.0, < 7.1.0fixed 7.1.0

    Prior to versions 7.1.0, 6.1.2, and 5.3.4, the webpack-dev-middleware development middleware for devpack does not validate the supplied URL address sufficiently before returning the local file. It is possible to access any file on the developer's machine. The middleware can eithe