CVE-2022-21192: Directory Traversal vulnerability in serve-lite
(updated )
All versions of the package serve-lite is vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-is to path.join().
References
Detect and mitigate CVE-2022-21192 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →