Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

34 advisories

Loading
mysql2 cache poisoning vulnerability Moderate
CVE-2024-21507 was published for mysql2 (npm) Apr 10, 2024
Cache Poisoning Vulnerability Moderate
CVE-2024-29042 was published for translate (npm) Mar 22, 2024
PinkDraconian
Follow Redirects improperly handles URLs in the url.parse() function Moderate
CVE-2023-26159 was published for follow-redirects (npm) Jan 2, 2024
iainsproat
Cube API denial of service attack Moderate
CVE-2023-50709 was published for @cubejs-backend/api-gateway (npm) Dec 13, 2023
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity Moderate
CVE-2023-48631 was published for @adobe/css-tools (npm) Nov 30, 2023
JWT Algorithm Confusion Moderate
CVE-2023-48223 was published for fast-jwt (npm) Nov 20, 2023
PinkDraconian
Improper Input Validation in vriteio/vrite Moderate
CVE-2023-5571 was published for @vrite/sdk (npm) Oct 13, 2023
Improper Input Validation in nocodb Moderate
CVE-2023-5104 was published for nocodb (npm) Sep 21, 2023
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS Moderate
CVE-2023-26364 was published for @adobe/css-tools (npm) Aug 29, 2023
matrix-appservice-irc IRC command injection via admin commands containing newlines Moderate
CVE-2023-38690 was published for matrix-appservice-irc (npm) Aug 4, 2023
Invalid push request payload crashes Parse Server Moderate
CVE-2023-32688 was published for parse-server-push-adapter (npm) May 22, 2023
dblythy mtrezza
Improper beacon events in matrix-js-sdk can result in availability issues Moderate
CVE-2022-39236 was published for matrix-js-sdk (npm) Sep 29, 2022
AutoUpdater module fails to validate certain nested components of the bundle Moderate
CVE-2022-29257 was published for electron (npm) Jun 16, 2022
Improper Input Validation in strapi Moderate
CVE-2020-13961 was published for strapi (npm) May 24, 2022
Auth0 angular-jwt misinterprets allowlist as regex Moderate
CVE-2018-11537 was published for angular-jwt (npm) May 14, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
Improper Input Validation in url-js Moderate
CVE-2022-25839 was published for url-js (npm) Mar 12, 2022
Leading white space bypasses protocol validation Moderate
CVE-2022-24723 was published for urijs (npm) Mar 3, 2022
P0cas
Denial of Service Vulnerability in next.js Moderate
CVE-2022-21721 was published for next (npm) Jan 28, 2022
ijjk
Improper Validation and Sanitization in url-parse Moderate
CVE-2020-8124 was published for url-parse (npm) Jan 6, 2022
Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util Moderate
CVE-2019-10806 was published for vega-util (npm) May 7, 2021
Improper Input Validation in Google Closure Library Moderate
CVE-2020-8910 was published for google-closure-library (npm) May 7, 2021
Improper Input Validation in sanitize-html Moderate
CVE-2021-26540 was published for sanitize-html (npm) May 6, 2021
Improper Input Validation in sanitize-html Moderate
CVE-2021-26539 was published for sanitize-html (npm) May 6, 2021
tdunlap607
Improper Input Validation in SocksJS-Node Moderate
CVE-2020-7693 was published for sockjs (npm) Apr 13, 2021
ProTip! Advisories are also available from the GraphQL API