Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-j4pr-3wm6-xx2r
  • RubyGems/uri
URI Credential Leakage Bypass over CVE-2025-27221 52 minutes ago
  • Fix available
  • Severity - 2.7 (Low)
CGA-q58f-9vvv-2cmc
  • Chainguard/logstash-9.0
  • Chainguard/logstash-9.0-compat
  • Chainguard/logstash-9.0-env2yaml
  • Chainguard/logstash-9.0-iamguarded-compat
  • Chainguard/logstash-9.0-with-output-opensearch
See record for full details 54 minutes ago
  • Fix available
GHSA-6rw7-vpxm-498p
  • npm/qs
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion 56 minutes ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-2267-xqcf-gw2m
  • Packagist/facturascripts/facturascripts
FacturaScripts is Vulnerable to Stored Cross-Site Scripting (XSS) via XML File Upload 1 hour ago
  • No fix available
  • Severity - 8.6 (High)
GHSA-6mp4-q625-mxjp
  • Packagist/yourls/yourls
YOURLS is vulnerable to XSS through JSONP and Callback request parameters 2 hours ago
  • No fix available
  • Severity - 7.1 (High)
GHSA-xphh-5v4r-r3rx
  • npm/psitransfer
PsiTransfer has Zip Slip Path Traversal via TAR Archive Download 2 hours ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-59pp-r3rg-353g
  • Packagist/composer/composer
Composer is vulnerable to ANSI sequence injection 4 hours ago
  • Fix available
  • Severity - 1.2 (Low)
MAL-2025-192986
  • npm/nbugs-video
Malicious code in nbugs-video (npm) 4 hours ago
  • No fix available
MAL-2025-192987
  • npm/npm-xmt
Malicious code in npm-xmt (npm) 4 hours ago
  • No fix available
MAL-2025-192984
  • npm/chai-promised-chains
Malicious code in chai-promised-chains (npm) 4 hours ago
  • No fix available
MAL-2025-192985
  • npm/error-fallback
Malicious code in error-fallback (npm) 4 hours ago
  • No fix available
MAL-2025-192979
  • npm/@ptest2535/artifactory-demo-ptest
Malicious code in @ptest2535/artifactory-demo-ptest (npm) 4 hours ago
  • No fix available
MAL-2025-192980
  • npm/@ptest2535/l_woker_mal
Malicious code in @ptest2535/l_woker_mal (npm) 4 hours ago
  • No fix available
MAL-2025-192981
  • npm/@ptest2535/test_package
Malicious code in @ptest2535/test_package (npm) 4 hours ago
  • No fix available
MAL-2025-192982
  • npm/@ptest2535/ui-core_mal
Malicious code in @ptest2535/ui-core_mal (npm) 4 hours ago
  • No fix available
MAL-2025-192988
  • npm/yellowdiscordlookup
Malicious code in yellowdiscordlookup (npm) 4 hours ago
  • No fix available