Search for packages
| purl | pkg:npm/simplehttpserver@0.1.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-774n-27x9-pybr
Aliases: CVE-2018-16478 GHSA-vwr2-wj63-86gr |
Path Traversal List any file in the folder by using path traversal |
Affected by 0 other vulnerabilities. |
|
VCID-7k9f-xuj1-sya3
Aliases: CVE-2018-3716 GHSA-jrhj-2j3q-xf3v |
Cross-Site Scripting (XSS) - Stored simplehttpserver suffers from Stored XSS in file names leads to malicious JavaScript code execution when directory listing is output in HTML | There are no reported fixed by versions. |
|
VCID-h9px-vbrc-fkbn
Aliases: CVE-2018-3787 GHSA-gpvj-q7fp-jcch |
Path Traversal Path traversal in simplehttpserver allows listing any file on the server. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-7k9f-xuj1-sya3 | Cross-Site Scripting (XSS) - Stored simplehttpserver suffers from Stored XSS in file names leads to malicious JavaScript code execution when directory listing is output in HTML |
CVE-2018-3716
GHSA-jrhj-2j3q-xf3v |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-04T20:17:17.445401+00:00 | GitLab Importer | Affected by | VCID-774n-27x9-pybr | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/CVE-2018-16478.yml | 38.6.0 |
| 2026-06-04T20:14:34.413430+00:00 | GitLab Importer | Affected by | VCID-h9px-vbrc-fkbn | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/CVE-2018-3787.yml | 38.6.0 |
| 2026-06-04T20:12:50.390741+00:00 | GitLab Importer | Affected by | VCID-7k9f-xuj1-sya3 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/simplehttpserver/CVE-2018-3716.yml | 38.6.0 |
| 2026-06-04T17:40:28.060311+00:00 | GithubOSV Importer | Fixing | VCID-7k9f-xuj1-sya3 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-jrhj-2j3q-xf3v/GHSA-jrhj-2j3q-xf3v.json | 38.6.0 |