Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-hc9w-4p87-j549
  • npm/cached-path-relative
Prototype Pollution in cached-path-relative
  • See details.
2023-02-04T00:15:03Z Fix available
GHSA-wqxw-8h5g-hq56
  • npm/switcher-client
Switcher Client contains Regular Expression Denial of Service (ReDoS)
  • See details.
2023-02-04T00:14:09Z Fix available
GHSA-vm5r-c87r-pf6x
  • npm/parse-server
Parse Server option `masterKeyIps` vulnerability to IP spoofing
  • See details.
2023-02-04T00:14:05Z Fix available
GHSA-2mp5-m968-gwr2
  • npm/http-file-server
Path Traversal in http-file-server
  • See details.
2023-02-03T20:45:52Z No fix available
GHSA-c9j3-wqph-5xx9
  • npm/egg-scripts
Command Injection in egg-scripts
  • See details.
2023-02-03T20:45:07Z Fix available
GHSA-h3c2-x77c-7pvr
  • npm/git-dummy-commit
Command Injection in git-dummy-commit
  • See details.
2023-02-03T20:44:46Z No fix available
GHSA-9w5j-4mwv-2wj8
  • npm/simple-git
Remote code execution in simple-git
  • See details.
2023-02-03T20:33:15Z Fix available
GHSA-j8wr-fwf2-vvr9
  • npm/create-choo-electron
Command Injection in create-choo-electron
  • See details.
2023-02-03T20:29:29Z No fix available
GHSA-54jw-jqr9-6cj9
  • npm/vagrant.js
Command injection in vagrant.js
  • See details.
2023-02-03T20:29:11Z No fix available
GHSA-hpcf-8vf9-q4gj
  • npm/jquery-ui
  • RubyGems/jquery-ui-rails
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
  • 0.0.1
  • 0.0.2
  • 0.1.0
  • 0.2.0
  • 0.2.1
  • 0.2.2
  • 0.3.0
  • ...
2023-02-03T05:58:12.045081Z Fix available
GHSA-5pm8-492c-92p5
  • RubyGems/chartkick
  • npm/chartkick
Prototype Pollution in chartkick
  • 0.0.1
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.5
  • 1.0.0
  • 1.0.1
  • ...
2023-02-03T05:57:27.714898Z Fix available
GHSA-v9p9-535w-4285
  • npm/litespeed.js
  • Packagist/appwrite/server-ce
  • Packagist/appwrite/server-ce
Prototype Pollution in litespeed.js and appwrite/server-ce
  • 0.12.0
  • 0.12.1
  • 0.1.13
  • 0.1.15
  • 0.10.0
  • 0.10.1
  • 0.10.2
  • ...
2023-02-03T05:56:40.247179Z Fix available
GHSA-3c6g-pvg8-gqw2
  • npm/json
  • Maven/org.webjars.npm:json
Command injection in json
  • 9.0.6
2023-02-03T05:53:00.076906Z Fix available
GHSA-wm7h-9275-46v2
  • npm/dicer
  • Maven/org.webjars.npm:dicer
Crash in HeaderParser in dicer
  • 0.2.5
  • 0.3.0
2023-02-03T05:52:08.604634Z No fix available
GHSA-w7jx-j77m-wp65
  • npm/tinymce
  • NuGet/TinyMCE
  • Packagist/tinymce/tinymce
Cross-site scripting vulnerability in TinyMCE
  • 3.4.3.2
  • 3.4.4
  • 3.4.5
  • 3.4.7
  • 3.5.0
  • 3.5.0.1
  • 3.5.1
  • ...
2023-02-02T17:56:03.796783Z Fix available
GHSA-2275-rpf5-xv8h
  • npm/is-http2
is-http2 vulnerable to Command Injection
  • See details.
2023-02-02T17:13:07Z No fix available