QID 982583
QID 982583: Nodejs (npm) Security Update for rollup-plugin-serve (GHSA-4j46-mp85-mv8c)
Path traversal in npm package `rollup-plugin-serve` before version 1.0.2. There is no path sanitization in `readFile` operation.
Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.
Solution
Customers are advised to refer to GHSA-4j46-mp85-mv8c for updates pertaining to this vulnerability.
Vendor References
- GHSA-4j46-mp85-mv8c -
github.com/advisories/GHSA-4j46-mp85-mv8c
CVEs related to QID 982583
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-4j46-mp85-mv8c | rollup-plugin-serve |
|