Search for packages
| purl | pkg:npm/serve-here@3.2.0 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4ssu-jq4h-ruct
Aliases: GHSA-g8m7-qhv7-9h5x GMS-2019-140 |
Relative Path Traversal in serve-here. | There are no reported fixed by versions. |
|
VCID-mh2m-vfgy-sqhr
Aliases: GMS-2018-1 |
Directory Traversal serve-here is vulnerable to a directory traversal attack. This means that files on the local file system which exist outside of the web root may be disclosed to an attacker. This might include confidential files. Mitigating Factors: if the node process is run as a user with very limited filesystem permissions, there is significantly less risk of exposing confidential/private information. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-05T21:09:36.377647+00:00 | GHSA Importer | Affected by | VCID-4ssu-jq4h-ruct | https://github.com/advisories/GHSA-g8m7-qhv7-9h5x | 38.6.0 |
| 2026-06-02T04:39:25.203173+00:00 | GitLab Importer | Affected by | VCID-4ssu-jq4h-ruct | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/serve-here/GMS-2019-140.yml | 38.6.0 |
| 2026-06-02T04:37:26.314835+00:00 | GitLab Importer | Affected by | VCID-mh2m-vfgy-sqhr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/serve-here/GMS-2018-1.yml | 38.6.0 |