We’ve disclosed 2308 vulnerabilities
by Snyk Security
How to fix?
openssl to version 3.0.7 or higher.
Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to the usage of misconfigured build script in its source package, which bundles environment variables (
AIRTABLE_ENDPOINT_URL) into the build target of a transpiled bundle.
NOTE: This vulnerability is relevant only if all of the following conditions are met:
the user has cloned the
Airtable.js source onto their machine.
the user runs the npm prepare script
the user has the
AIRTABLE_API_KEY environment variable set.
pydesings is a malicious package. This package contains malicious code that deploys WASP stealer malware.
com.typesafe.play:play-ws is a tool to build scalable web applications with Java and Scala
Affected versions of this package are vulnerable to Inadequate Encryption Strength when configured to make requests using an authenticated HTTP proxy. Attackers can reveal the base64-encoded proxy credentials used for HTTPS connections.
Session Fixation in tribalsystems/zenario (composer)
Command Injection in snyk-docker-plugin (npm)
Command Injection in @snyk/snyk-hex-plugin (npm)
Command Injection in snyk-mvn-plugin (npm)
Command Injection in snyk-python-plugin (npm)
by Snyk Security
Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.