CVE 2020-7686

This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function.

See the CVE page on Mitre.org for more details.