Search for packages
| purl | pkg:npm/m-server@1.4.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-7cwe-vfmf-nbau
Aliases: CVE-2018-16484 GHSA-gmxv-xf2q-6j8m |
Cross-site Scripting A XSS vulnerability was found in module m-server that allows malicious Javascript code or HTML to be executed, due to the lack of escaping for special characters in folder names. |
Affected by 0 other vulnerabilities. |
|
VCID-wp6b-9r5n-h3h6
Aliases: GHSA-vc6r-4x6g-mmqc GMS-2019-133 |
Relative Path Traversal in m-server. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-wxay-9sqd-uqgm | Path Traversal vulnerability in module m-server allows malicious user to access unauthorized content of any file in the directory tree e.g. `/etc/passwd` by appending slashes to the URL request. |
CVE-2018-16485
GHSA-899g-6q6w-7v94 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-05-31T11:18:55.239408+00:00 | GithubOSV Importer | Fixing | VCID-wxay-9sqd-uqgm | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/02/GHSA-899g-6q6w-7v94/GHSA-899g-6q6w-7v94.json | 38.6.0 |
| 2026-05-31T09:57:18.480899+00:00 | GitLab Importer | Affected by | VCID-wp6b-9r5n-h3h6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/m-server/GMS-2019-133.yml | 38.6.0 |
| 2026-05-31T09:53:24.825331+00:00 | GitLab Importer | Affected by | VCID-7cwe-vfmf-nbau | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/m-server/CVE-2018-16484.yml | 38.6.0 |
| 2026-05-31T00:51:25.985314+00:00 | GHSA Importer | Fixing | VCID-wxay-9sqd-uqgm | https://github.com/advisories/GHSA-899g-6q6w-7v94 | 38.6.0 |
| 2026-05-30T20:54:46.008321+00:00 | GitLab Importer | Fixing | VCID-wxay-9sqd-uqgm | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/m-server/CVE-2018-16485.yml | 38.6.0 |