next prior to 9.3.2 are vulnerable to Path Traversal. The package failed to restrict access to arbitrary files inside the
dist directory through specially-crafted HTTP requests. It is not possible to access files outside of the
Upgrade to version 9.3.2 or later.
publishedAdvisory PublishedMay 19th, 2020
reportedReported by Luca CarettoniApr 6th, 2020