We’ve disclosed 4 vulnerabilities 🎉
The
Snyk security team
helps disclose many vulnerabilities every month, in key packages across a variety of ecosystems. We work
closely with open source package maintainers in order to ensure all vulnerabilities are responsibly and
efficiently handled in a timely manner.
Our ever-growing list of sources include:
-
Vulnerability disclosures and reports sent to us from members of the community
-
Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
-
Partnerships with organizations and academic institutions
-
Research done internally by the Snyk Security Team
Featured disclosed vulnerabilities
Regular Expression Denial of Service (ReDoS)
angularjs.core
Discovered by Michael Prentice, George Kalpakas
Regular Expression Denial of Service (ReDoS)
angularjs.core
Discovered by Michael Prentice, George Kalpakas
Recently disclosed vulnerabilities by Snyk
- M
Cross-site Scripting (XSS) in angularjs.core (nuget)
- M
Regular Expression Denial of Service (ReDoS) in angularjs.core (nuget)
- M
Regular Expression Denial of Service (ReDoS) in angularjs.core (nuget)
- M
Regular Expression Denial of Service (ReDoS) in angularjs.core (nuget)
- M
Command Injection in chromedriver (npm)
- H
Command Injection in node-qpdf (npm)
- H
Command Injection in geokit-rails (rubygems)
- H
Directory Traversal in static-server (npm)
- H
Denial of Service (DoS) in asyncua (pip)
- M
Improper Authentication in asyncua (pip)