@chymian-0 We saw the exact same problem with @robi's instance. Essentially, one of the plugins was preventing the startup. After the log line "Your Etherpad version is 1.8.12", one is supposed to see "http server listening" or something like that. I recommend "npm rm" on each of the plugins as suggested in https://docs.cloudron.io/apps/etherpad/#troubleshooting to debug which plugin causes this issue. Unfortunately, this is the life with plugins in etherpad, they keep breaking between releases 😞
Since I just looked into this, the errors (or rather warnings) from npm are for one thing, that etherpad does not have a package.json file in the root folder, but relies on the node_modules folder for listing. Also npm by default attempts to check for update of itself, which fails and it should not update on its own, since we only test against specific versions.
The vulnerabilities are indeed an issue, however as @girish mentioned we cannot blindly update them, so all those have to be ideally reported upstream with all the relevant plugins even.