We’ve disclosed 15 vulnerabilities 🎉
The
Snyk security team
helps disclose many vulnerabilities every month, in key packages across a variety of ecosystems. We work
closely with open source package maintainers in order to ensure all vulnerabilities are responsibly and
efficiently handled in a timely manner.
Our ever-growing list of sources include:
-
Vulnerability disclosures and reports sent to us from members of the community
-
Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
-
Partnerships with organizations and academic institutions
-
Research done internally by the Snyk Security Team
Featured disclosed vulnerabilities
Malicious Package
performance-quality-models-nodejs Open this link in a new tab
Discovered by Snyk Research Team
Malicious Package
com.google.play.billing Open this link in a new tab
Discovered by Snyk Research Team
Recently disclosed vulnerabilities by Snyk
- H
Prototype Pollution in ts-deepmerge (npm)
- C
Malicious Package in performance-quality-models-nodejs (npm)
- C
Malicious Package in com.google.play.billing (npm)
- C
Malicious Package in sxg-playground (npm)
- C
Malicious Package in node-example.ts (npm)
- C
Malicious Package in gcore-cdn-stats (npm)
- C
Malicious Package in federalist-admin (npm)
- C
Malicious Package in meesho-pow (npm)
- C
Malicious Package in discount-package-js (npm)
- C
Malicious Package in vscode-lsp (npm)