We’ve disclosed 3357 vulnerabilities
by Snyk Security Researchers
How to fix?
There is no fixed version for OpenPrinting/cups-browsed.
@saltcorn/server is a Server app for Saltcorn, open-source no-code platform.
Affected versions of this package are vulnerable to Directory Traversal due to missing sanitization of the filename parameter used to identify the zip file when passed to the res.download API. This allows an attacker with admin permission to read and download arbitrary zip files when downloading auto backups.
ironic is an OpenStack Bare Metal Provisioning
Affected versions of this package are vulnerable to Improper Validation of Integrity Check Value due to missing validations of checksum files of supplied image_source URLs, before the raw format conversion.
Affected versions of this package are vulnerable to Uncontrolled Resource Consumption due to the mishandling of unbalanced comment strings in JSONTokener.java. An attacker can execute arbitrary code or cause a denial of service by injecting malformed input that exploits this flaw.
Arbitrary Argument Injection in ggit (npm)
Command Injection in ggit (npm)
Malicious Package in braintree_express_example (npm)
Malicious Package in braintree.github.io (npm)
Malicious Package in annotation-app (npm)
Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.