Vulnerability Database
About
Vulnerability Library
search
All ecosystems
35697
Alpine
2864
Android
361
crates.io
948
Debian
8733
DWF
15
GitHub Actions
3
Go
893
GSD
35
Hex
18
Linux
9244
Maven
2173
npm
2648
NuGet
223
OSS-Fuzz
2463
Packagist
1065
Pub
3
PyPI
3527
RubyGems
481
UVI
0
ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-gpqq-952q-5327
npm/jquery-ui
XSS in the `of` option of the `.position()` util in jquery-ui
See details.
2022-10-04T21:36:19Z
Fix available
GHSA-2j79-8pqc-r7x6
npm/react-native-reanimated
react-native-reanimated vulnerable to ReDoS
See details.
2022-10-04T21:16:38Z
Fix available
GHSA-p28h-cc7q-c4fg
npm/css-what
css-what vulnerable to ReDoS due to use of insecure regular expression
See details.
2022-10-04T21:11:32Z
Fix available
GHSA-f2jv-r9rf-7988
npm/handlebars
Maven/org.webjars:handlebars
Maven/org.webjars.npm:handlebars
Maven/org.webjars.bowergithub.wycats:handlebars.js
Remote code execution in handlebars when compiling templates
1.0.0
1.0.0-rc.3
1.0.0-rc.4
1.0.rc.1
1.1.2
1.2.1
1.3.0
...
2022-10-04T16:49:11.056593Z
Fix available
GHSA-29xr-v42j-r956
npm/thenify
Maven/org.webjars.npm:thenify
thenify before 3.3.1 made use of unsafe calls to `eval`.
3.1.0
3.3.0
2022-10-03T20:02:00.117631Z
Fix available
GHSA-82v2-mx6x-wq7q
npm/log4js
Incorrect Default Permissions in log4js
See details.
2022-10-03T19:49:13Z
Fix available
GHSA-r48r-j8fx-mq2c
npm/matrix-js-sdk
matrix-js-sdk subject to user spoofing via Olm/Megolm protocol confusion
See details.
2022-10-03T19:46:42Z
Fix available
GHSA-4phg-hpqm-c3j4
npm/strapi
npm/@strapi/strapi
Strapi mishandles hidden attributes within admin API responses
See details.
2022-10-03T19:45:15Z
Fix available
GHSA-9qh2-6fxg-9m4g
npm/opencc
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read
See details.
2022-09-30T23:13:59Z
No fix available
GHSA-2jjq-x548-rhpv
npm/isolated-vm
isolated-vm has vulnerable CachedDataOptions in API
See details.
2022-09-30T22:59:03Z
No fix available
GHSA-5w8r-8pgj-5jmf
npm/matrix-js-sdk
matrix-js-sdk subject to user impersonation due to key/device identifier confusion in SAS verification
See details.
2022-09-30T22:46:50Z
Fix available
GHSA-mc23-976p-j42x
npm/xterm
npm/xterm
npm/xterm
Low severity vulnerability that affects xterm
See details.
2022-09-30T08:12:50Z
Fix available
GHSA-4rxr-27mm-mxq9
npm/@next-auth/upstash-redis-adapter
Upstash Adapter missing token verification
See details.
2022-09-30T05:31:32Z
Fix available
GHSA-grjp-4jmr-mjcw
npm/express-xss-sanitizer
express-xss-sanitizer vulnerable to Prototype Pollution via allowedTags attribute
See details.
2022-09-30T04:42:55Z
Fix available
GHSA-cf4h-3jhx-xvhq
npm/underscore
Arbitrary Code Execution in underscore
See details.
2022-09-30T02:23:38Z
Fix available
GHSA-6263-x97c-c4gg
npm/matrix-js-sdk
matrix-js-sdk subject to impersonated messages due to permissive key forwarding
See details.
2022-09-30T00:40:35Z
Fix available
Load more...
npm - OSV
