simplehttpserver

npm3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting simplehttpserverpage 1 of 1

CVE-2018-16478MEDIUMCVSS 5.3EG 5.3
2018-12-04
A Path Traversal in simplehttpserver versions <=0.2.1 allows to list any file in another folder of web root.
CVE-2018-3716MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.1.0
2018-06-07
simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names.
CVE-2018-3787HIGHCVSS 7.5EG 7.5✓ Fixed in 0.2.1
2018-08-31
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.

Check whether simplehttpserver is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for simplehttpserver CVEs against the assets you own.

Start Free Scan →