We’ve disclosed 13 vulnerabilities 🎉
The Snyk security team helps disclose many vulnerabilities every month, in key packages across a variety
of ecosystems. We work closely with open source package maintainers in order to ensure all vulnerabilities
are responsibly and efficiently handled in a timely manner.
Our ever-growing list of sources includes:
- Vulnerability disclosures and reports sent to us from members of the community
- Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
- Partnerships with organizations and academic institutions
- Research done internally by the Snyk Security Team
Featured disclosed vulnerabilities
Recently disclosed vulnerabilities by Snyk
- [H] Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit (npm)
- [M] Arbitrary Code Execution in dom-iterator (npm)
- [H] Directory Traversal in source-map-support (npm)
- [M] Cross-site Scripting (XSS) in tarteaucitronjs (npm)
- [H] Regular Expression Denial of Service (ReDoS) in cross-spawn (npm)
- [M] Reliance on Untrusted Inputs in a Security Decision in sinatra (rubygems)
- [C] Arbitrary Code Execution in lilconfig (npm)
- [H] Code Injection in snyk-gradle-plugin (npm)
- [H] Code Injection in snyk-php-plugin (npm)
- [H] Denial of Service (DoS) in http-proxy-middleware (npm)