Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
All versions of the package static-server is vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.
Advisories for Npm/Static-Server package
2023