We’ve disclosed 8 vulnerabilities 🎉
The
Snyk security team
helps disclose many vulnerabilities every month, in key packages across a variety of ecosystems. We work
closely with open source package maintainers in order to ensure all vulnerabilities are responsibly and
efficiently handled in a timely manner.
Our ever-growing list of sources include:
-
Vulnerability disclosures and reports sent to us from members of the community
-
Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
-
Partnerships with organizations and academic institutions
-
Research done internally by the Snyk Security Team
Featured disclosed vulnerabilities
Recently disclosed vulnerabilities by Snyk
- H
Directory Traversal in static-server (npm)
- M
Denial of Service (DoS) in asyncua (pip)
- M
Improper Authentication in asyncua (pip)
- M
Cross-site Scripting (XSS) in quill-mention (npm)
- H
Command Injection in pydash (pip)
- M
Denial of Service (DoS) in graphql (npm)
- M
Arbitrary Argument Injection in blamer (npm)
- M
Denial of Service (DoS) in sidekiq (rubygems)
- M
Cross-site Scripting (XSS) in @excalidraw/excalidraw (npm)
- L
Undesired Behavior in moq (nuget)