| Release | Version |
|---|---|
| bullseye | 1.14.1-3 |
| bookworm | 1.15.0+~1.15.0-1 |
| trixie | 2.1.0+~1.15.7-2 |
| forky | 2.2.0+~2.2.0-1 |
| sid | 2.2.0+~2.2.0-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-43800 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | serve-static serves static files. serve-static passes untrusted user i ... |
| Bug | Description |
|---|---|
| CVE-2015-1164 | Open redirect vulnerability in the serve-static plugin before 1.7.2 fo ... |