Disclosed Vulnerabilities | Snyk

Vulnerability disclosures and reports sent to us from members of the community
Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
Partnerships with organizations and academic institutions
Research done internally by the Snyk Security Team

Report a new vulnerability

Featured disclosed vulnerabilities

Code Injection

Affects

snyk-gradle-plugin

Discovered by Unknown

Code Injection

Affects

snyk-php-plugin

Discovered by Unknown

Denial of Service (DoS)

Affects

http-proxy-middleware

Discovered by Marc Hassan

Recently disclosed vulnerabilities by Snyk

- H
Code Injection in snyk-gradle-plugin (npm)

24 Oct 2024
- H
Code Injection in snyk-php-plugin (npm)

24 Oct 2024
- H
Denial of Service (DoS) in http-proxy-middleware (npm)

Discovered by Marc Hassan

18 Oct 2024
- M
Cross-site Scripting (XSS) in markdown-to-jsx (npm)

Discovered by Rustam Komildzhonov

14 Oct 2024
- C
Remote Code Execution (RCE) in jsonpath-plus (npm)

Discovered by Andrea Angelo Raineri

10 Oct 2024
- M
Arbitrary Argument Injection in ggit (npm)

Discovered by Liran Tal

7 Oct 2024
- M
Command Injection in ggit (npm)

Discovered by Liran Tal

7 Oct 2024
- C
Malicious Package in braintree_express_example (npm)

2 Oct 2024
- C
Malicious Package in braintree.github.io (npm)

2 Oct 2024
- C
Malicious Package in annotation-app (npm)

2 Oct 2024

View all vulnerabilities disclosed by Snyk