{"package":"node-static","ecosystem":"npm","latest_version":"0.7.11","description":"simple, compliant file streaming module for node","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/cloudhead/node-static","repository":"ssh://git@github.com/cloudhead/node-static","downloads_weekly":72593,"health":{"score":47,"risk":"high","breakdown":{"maintenance":0,"popularity":10,"security":18,"maturity":15,"community":4},"deprecated":false,"max_score":100},"vulnerabilities":{"count":2,"critical":0,"high":1,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2023-26111","severity":"high","summary":"node-static and @nubosoftware/node-static vulnerable to Directory Traversal","affected_versions":"<=0.7.11|<=0.7.11","fixed_version":null,"source":"osv","published_at":"2023-03-06T06:30:18Z","in_kev":false,"epss_prob":0.0132,"epss_percentile":0.79963,"threat_tier":"theoretical"},{"vuln_id":"GHSA-8r4g-cg4m-x23c","severity":"medium","summary":"Denial of Service in node-static","affected_versions":"<=0.7.11","fixed_version":null,"source":"osv","published_at":"2021-09-22T18:22:02Z","in_kev":false,"threat_tier":"unknown"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.7.11","total_count":26,"recent":["0.6.2","0.6.3","0.6.4","0.6.5","0.6.6","0.6.7","0.6.8","0.6.9","0.7.0","0.7.1","0.7.2","0.7.3","0.7.4","0.7.5","0.7.6","0.7.7","0.7.8","0.7.9","0.7.10","0.7.11"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":3,"first_published":"2011-05-02T20:48:29.228Z","last_published":"2018-09-23T11:19:58.668Z","dependencies_count":3,"dependencies":["optimist","colors","mime"]},"github_stats":null,"bundle":{"size_kb":37.9,"gzip_kb":11.5,"dependency_count":3,"has_js_module":false,"has_side_effects":true,"scoped":false,"source":"bundlephobia"},"typescript":{"score":7,"has_types":true,"types_source":"definitely-typed","types_package":"@types/node-static"},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["Moderate health score (47/100) — verify manually","1 high severity vulnerabilities"],"use_version":"0.7.11","version_hint":null,"summary":"node-static@0.7.11 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":377,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":5478,"last_release_days_ago":2778,"avg_days_between_releases":288,"release_velocity":"stale"}}