Vulnerability DB

Detailed information and remediation guidance for known vulnerabilities.

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

PACKAGE MANAGER

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • M
Prototype Pollution
utils-copy Open this link in a new tab * npm 24 Nov 2021
  • M
Improper Certificate Validation
aws-crt Open this link in a new tab <1.8.2 npm 23 Nov 2021
  • M
Improper Certificate Validation
aws-crt Open this link in a new tab <1.9.0 npm 23 Nov 2021
  • M
Improper Certificate Validation
aws-crt Open this link in a new tab <1.7.1 npm 23 Nov 2021
  • M
Improper Certificate Validation
aws-crt Open this link in a new tab <1.8.2 npm 23 Nov 2021
  • M
Prototype Pollution
algoliasearch-helper Open this link in a new tab <3.6.2 npm 19 Nov 2021
  • H
Cross-site Scripting (XSS)
ckeditor4 Open this link in a new tab <4.17.0 npm 18 Nov 2021
  • H
Cross-site Scripting (XSS)
ckeditor4 Open this link in a new tab <4.17.0 npm 18 Nov 2021
  • M
Server-side Request Forgery (SSRF)
ssrf-agent Open this link in a new tab <1.0.5 npm 17 Nov 2021
  • M
Cross-site Scripting (XSS)
@factor/plugin-forum Open this link in a new tab >=1.3.3 npm 16 Nov 2021
  • M
Authentication Bypass
@factor/cli Open this link in a new tab >=1.1.0 <3.0.1 npm 16 Nov 2021
  • M
Improper Verification of Source of a Communication Channel
@theia/plugin-ext Open this link in a new tab <1.18.0 npm 16 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS)
terminal-kit Open this link in a new tab <2.1.8 npm 16 Nov 2021
  • M
Numeric Errors
@openzeppelin/contracts-upgradeable Open this link in a new tab >=4.2.0 <4.3.3 npm 16 Nov 2021
  • M
Numeric Errors
@openzeppelin/contracts Open this link in a new tab >=4.2.0 <4.3.3 npm 16 Nov 2021
  • M
Cross-site Scripting (XSS)
@factor/plugin-forum Open this link in a new tab >=1.3.8 npm 16 Nov 2021
  • M
Cross-site Scripting (XSS)
@factor/plugin-forum Open this link in a new tab >=1.3.5 npm 16 Nov 2021
  • C
Improper Initialization
@openzeppelin/contracts-upgradeable Open this link in a new tab >=4.1.0 <4.3.2 npm 15 Nov 2021
  • C
Improper Initialization
@openzeppelin/contracts Open this link in a new tab >=4.1.0 <4.3.2 npm 15 Nov 2021
  • H
Prototype Pollution
json-schema Open this link in a new tab <0.4.0 npm 14 Nov 2021
  • H
Malicious Package
@xvideos/alerts Open this link in a new tab * npm 14 Nov 2021
  • H
Malicious Package
@pornhub/alerts Open this link in a new tab * npm 14 Nov 2021
  • H
Insufficient Session Expiration
@cyyynthia/tokenize Open this link in a new tab <1.1.3 npm 11 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS)
natural Open this link in a new tab <5.1.11 npm 11 Nov 2021
  • M
Cross-site Scripting (XSS)
uswds Open this link in a new tab <2.12.2 npm 10 Nov 2021
  • M
Regular Expression Denial of Service (ReDoS)
uglify-js Open this link in a new tab <3.14.3 npm 9 Nov 2021
  • H
Improper Verification of Cryptographic Signature
starkbank-ecdsa Open this link in a new tab <1.1.3 npm 9 Nov 2021
  • H
Cross-site Scripting (XSS)
graphql-playground-react Open this link in a new tab <1.7.28 npm 9 Nov 2021
  • H
Cross-site Scripting (XSS)
apollo-server Open this link in a new tab <2.25.3 >=3.0.0 <3.4.1 npm 9 Nov 2021
  • M
Cross-site Scripting (XSS)
apostrophe Open this link in a new tab >=2.63.0 <3.4.0 npm 8 Nov 2021