We’ve disclosed 3198 vulnerabilities
by Snyk Security
Researchers
How to fix?
Upgrade curl
to version 8.4.0 or higher.
electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS.
Affected versions of this package are vulnerable to Out-of-Bounds. An attacker can potentially exploit heap corruption by using a crafted avif
file.
py7zr is a Pure python 7-zip library
Affected versions of this package are vulnerable to Cleartext Storage of Sensitive Information by handling passwords unencrypted.
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection when parsing XML files such as ".project" that contain DOCTYPE
contents.
Cross-site Scripting (XSS) in angularjs.core (nuget)
Regular Expression Denial of Service (ReDoS) in angularjs.core (nuget)
Regular Expression Denial of Service (ReDoS) in angularjs.core (nuget)
Regular Expression Denial of Service (ReDoS) in angularjs.core (nuget)
Command Injection in chromedriver (npm)
by Snyk Security
Researchers
Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.