Vulnerability Library

ID | Packages | Summary | Affected versions | Last modified | Fix
GHSA-gpqq-952q-5327
  • npm/jquery-ui
XSS in the `of` option of the `.position()` util in jquery-ui
  • See details.
2022-10-04T21:36:19Z Fix available
GHSA-2j79-8pqc-r7x6
  • npm/react-native-reanimated
react-native-reanimated vulnerable to ReDoS
  • See details.
2022-10-04T21:16:38Z Fix available
GHSA-p28h-cc7q-c4fg
  • npm/css-what
css-what vulnerable to ReDoS due to use of insecure regular expression
  • See details.
2022-10-04T21:11:32Z Fix available
GHSA-f2jv-r9rf-7988
  • npm/handlebars
  • Maven/org.webjars:handlebars
  • Maven/org.webjars.npm:handlebars
  • Maven/org.webjars.bowergithub.wycats:handlebars.js
Remote code execution in handlebars when compiling templates
  • 1.0.0
  • 1.0.0-rc.3
  • 1.0.0-rc.4
  • 1.0.rc.1
  • 1.1.2
  • 1.2.1
  • 1.3.0
  • ...
2022-10-04T16:49:11.056593Z Fix available
GHSA-29xr-v42j-r956
  • npm/thenify
  • Maven/org.webjars.npm:thenify
thenify before 3.3.1 made use of unsafe calls to `eval`.
  • 3.1.0
  • 3.3.0
2022-10-03T20:02:00.117631Z Fix available
GHSA-82v2-mx6x-wq7q
  • npm/log4js
Incorrect Default Permissions in log4js
  • See details.
2022-10-03T19:49:13Z Fix available
GHSA-r48r-j8fx-mq2c
  • npm/matrix-js-sdk
matrix-js-sdk subject to user spoofing via Olm/Megolm protocol confusion
  • See details.
2022-10-03T19:46:42Z Fix available
GHSA-4phg-hpqm-c3j4
  • npm/strapi
  • npm/@strapi/strapi
Strapi mishandles hidden attributes within admin API responses
  • See details.
2022-10-03T19:45:15Z Fix available
GHSA-9qh2-6fxg-9m4g
  • npm/opencc
Open Chinese Convert subject to Denial of Service via Out-of-bounds Read
  • See details.
2022-09-30T23:13:59Z No fix available
GHSA-2jjq-x548-rhpv
  • npm/isolated-vm
isolated-vm has vulnerable CachedDataOptions in API
  • See details.
2022-09-30T22:59:03Z No fix available
GHSA-5w8r-8pgj-5jmf
  • npm/matrix-js-sdk
matrix-js-sdk subject to user impersonation due to key/device identifier confusion in SAS verification
  • See details.
2022-09-30T22:46:50Z Fix available
GHSA-mc23-976p-j42x
  • npm/xterm
Low severity vulnerability that affects xterm
  • See details.
2022-09-30T08:12:50Z Fix available
GHSA-4rxr-27mm-mxq9
  • npm/@next-auth/upstash-redis-adapter
Upstash Adapter missing token verification
  • See details.
2022-09-30T05:31:32Z Fix available
GHSA-grjp-4jmr-mjcw
  • npm/express-xss-sanitizer
express-xss-sanitizer vulnerable to Prototype Pollution via allowedTags attribute
  • See details.
2022-09-30T04:42:55Z Fix available
GHSA-cf4h-3jhx-xvhq
  • npm/underscore
Arbitrary Code Execution in underscore
  • See details.
2022-09-30T02:23:38Z Fix available
GHSA-6263-x97c-c4gg
  • npm/matrix-js-sdk
matrix-js-sdk subject to impersonated messages due to permissive key forwarding
  • See details.
2022-09-30T00:40:35Z Fix available