Search for packages
| purl | pkg:npm/simplehttpserver@0.0.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-774n-27x9-pybr
Aliases: CVE-2018-16478 GHSA-vwr2-wj63-86gr |
Path Traversal List any file in the folder by using path traversal |
Affected by 0 other vulnerabilities. |
|
VCID-7k9f-xuj1-sya3
Aliases: CVE-2018-3716 GHSA-jrhj-2j3q-xf3v |
Cross-Site Scripting (XSS) - Stored simplehttpserver suffers from Stored XSS in file names leads to malicious JavaScript code execution when directory listing is output in HTML |
Affected by 3 other vulnerabilities. |
|
VCID-h9px-vbrc-fkbn
Aliases: CVE-2018-3787 GHSA-gpvj-q7fp-jcch |
Path Traversal Path traversal in simplehttpserver allows listing any file on the server. |
Affected by 1 other vulnerability. |
|
VCID-jua1-cqe7-2ufj
Aliases: GMS-2018-23 |
Cross Site Scripting simplehttpserver allows embedding HTML in file names, which in certain conditions allows execution of malicious JavaScript. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:17:17.415632+00:00 | GitLab Importer | Affected by | VCID-774n-27x9-pybr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/CVE-2018-16478.yml | 38.6.0 |
| 2026-06-04T20:14:34.402085+00:00 | GitLab Importer | Affected by | VCID-h9px-vbrc-fkbn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/CVE-2018-3787.yml | 38.6.0 |
| 2026-06-04T20:12:50.382189+00:00 | GitLab Importer | Affected by | VCID-7k9f-xuj1-sya3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/CVE-2018-3716.yml | 38.6.0 |
| 2026-06-02T04:37:32.689571+00:00 | GitLab Importer | Affected by | VCID-jua1-cqe7-2ufj | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/GMS-2018-23.yml | 38.6.0 |