Homepage

npm

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the npm package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Improper Verification of Source of a Communication Channel

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Missing Release of Resource after Effective Lifetime

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Information Exposure

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Improper Handling of Inconsistent Special Elements

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Access of Resource Using Incompatible Type ('Type Confusion')

<1:10.8.2-1.20.20.2.1.module+el8.10.0+24197+1602b452
  • H
Incorrect Execution-Assigned Permissions

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Reversible One-Way Hash

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Direct Request ('Forced Browsing')

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • M
Unchecked Input for Loop Condition

*
  • M
Executable Regular Expression Error

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Reachable Assertion

<1:10.8.2-1.20.20.2.1.module+el8.10.0+24197+1602b452
  • H
Inefficient Regular Expression Complexity

<1:10.8.2-1.20.20.2.1.module+el8.10.0+24197+1602b452
  • M
Directory Traversal

*
  • H
Allocation of Resources Without Limits or Throttling

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • M
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • H
CRLF Injection

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
HTTP Request Smuggling

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Allocation of Resources Without Limits or Throttling

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • H
Uncaught Exception

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • M
Inefficient Regular Expression Complexity

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Inefficient Regular Expression Complexity

*
  • H
Uncaught Exception

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • L
Use of Uninitialized Resource

*
  • H
Link Following

*
  • H
Uncaught Exception

<1:11.11.0-1.24.14.1.2.module+el8.10.0+24190+49a46c75
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Improper Preservation of Permissions

<1:11.6.2-1.24.13.0.0.module+el8.10.0+23888+24fa7806
  • H
Exposure of System Data to an Unauthorized Control Sphere

<1:11.6.2-1.24.13.0.0.module+el8.10.0+23888+24fa7806
  • H
Allocation of Resources Without Limits or Throttling

<1:11.6.2-1.24.13.0.0.module+el8.10.0+23888+24fa7806
  • H
Improper Preservation of Permissions

<1:11.6.2-1.24.13.0.0.module+el8.10.0+23888+24fa7806
  • H
Uncaught Exception

<1:11.6.2-1.24.13.0.0.module+el8.10.0+23888+24fa7806
  • H
Directory Traversal

*
  • H
Time-of-check Time-of-use (TOCTOU)

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Allocation of Resources Without Limits or Throttling

*
  • M
Use After Free

*
  • M
OS Command Injection

*
  • M
Integer Overflow or Wraparound

*
  • H
Numeric Truncation Error

<1:10.9.2-1.22.16.0.2.module+el8.10.0+23338+c5a38893
  • L
Inefficient Regular Expression Complexity

*
  • M
HTTP Request Smuggling

<1:10.8.2-1.20.19.2.1.module+el8.10.0+23139+21ba74c5
  • H
Uncaught Exception

<1:10.9.2-1.22.16.0.1.module+el8.10.0+23140+4056b950
  • H
Memory Leak

<1:10.9.2-1.22.16.0.1.module+el8.10.0+23140+4056b950
  • L
Memory Leak

*
  • H
Heap-based Buffer Overflow

<1:10.9.2-1.22.15.0.1.module+el8.10.0+23068+28ff2340
  • M
Integer Overflow or Wraparound

*
  • M
Use After Free

<1:10.8.2-1.20.19.1.1.module+el8.10.0+23054+5431297f
  • L
Inefficient Regular Expression Complexity

*
  • H
Resource Exhaustion

<1:10.9.2-1.22.13.1.1.module+el8.10.0+22759+46b58560
  • H
Incorrect Authorization

<1:10.9.2-1.22.13.1.1.module+el8.10.0+22759+46b58560
  • H
Use of Insufficiently Random Values

<1:10.9.2-1.22.13.1.1.module+el8.10.0+22759+46b58560
  • L
Incorrect Permission Assignment for Critical Resource

<1:10.8.1-1.20.16.0.1.module+el8.10.0+22203+a88c8310
  • L
CVE-2024-22018

<1:10.8.1-1.20.16.0.1.module+el8.10.0+22203+a88c8310
  • M
CVE-2024-22020

<1:10.7.0-1.18.20.4.1.module+el8.10.0+22199+56ea0ead
  • M
Resource Exhaustion

<1:10.7.0-1.18.20.4.1.module+el8.10.0+22199+56ea0ead
  • H
HTTP Request Smuggling

<1:10.5.0-1.18.20.2.1.module+el8.9.0+21767+537f34ee
  • H
Detection of Error Condition Without Action

<1:10.5.0-1.18.20.2.1.module+el8.9.0+21767+537f34ee
  • H
Resource Exhaustion

<1:10.5.0-1.18.20.2.1.module+el8.9.0+21767+537f34ee
  • H
Resource Exhaustion

<1:10.5.0-1.18.20.2.1.module+el8.9.0+21767+537f34ee
  • H
Improper Privilege Management

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • H
Directory Traversal

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • M
Directory Traversal

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • H
Buffer Under-read

<1:10.5.0-1.18.20.2.1.module+el8.9.0+21767+537f34ee
  • M
Incomplete Documentation

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • H
Resource Exhaustion

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • H
Arbitrary Code Injection

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • H
Covert Timing Channel

<1:10.2.4-1.20.11.1.1.module+el8.9.0+21380+12032667
  • H
Information Exposure

<1:9.8.1-1.18.18.2.1.module+el8.8.0+20407+c11d40bd
  • H
Directory Traversal

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Improper Validation of Integrity Check Value

<1:9.8.1-1.18.18.2.1.module+el8.8.0+20407+c11d40bd
  • H
Arbitrary Code Injection

<1:9.8.1-1.18.18.2.1.module+el8.8.0+20407+c11d40bd
  • H
Directory Traversal

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Resource Exhaustion

<1:9.8.1-1.18.18.2.1.module+el8.8.0+20407+c11d40bd
  • H
Arbitrary Code Injection

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • H
Information Exposure

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • H
Information Exposure

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • H
Inefficient Regular Expression Complexity

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • M
CVE-2023-30588

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • M
CVE-2023-30589

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • M
CVE-2023-30581

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • M
CVE-2023-30590

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • H
Out-of-bounds Write

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • H
Use of Insufficiently Random Values

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • H
Resource Exhaustion

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • H
Use of Insufficiently Random Values

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • L
Inefficient Regular Expression Complexity

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
CRLF Injection

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • L
Untrusted Search Path

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
CVE-2023-23919

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
Incorrect Authorization

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • H
Improper Input Validation

<1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6
  • H
Improper Input Validation

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • M
Inefficient Regular Expression Complexity

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
Resource Exhaustion

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • M
Reliance on Reverse DNS Resolution for a Security-Critical Action

<1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99
  • M
Inefficient Regular Expression Complexity

<1:8.19.2-1.18.12.1.2.module+el8.7.0+17306+fc023f99
  • H
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

<1:8.19.1-1.18.9.1.1.module+el8.7.0+16806+4109802b
  • H
HTTP Request Smuggling

<1:8.19.1-1.18.9.1.1.module+el8.7.0+16806+4109802b
  • M
HTTP Request Smuggling

<1:6.14.17-1.14.20.0.2.module+el8.6.0+16231+7c1b33d9
  • M
HTTP Request Smuggling

<1:6.14.17-1.14.20.0.2.module+el8.6.0+16231+7c1b33d9
  • M
Improper Check or Handling of Exceptional Conditions

<1:6.14.17-1.14.20.0.2.module+el8.6.0+16231+7c1b33d9
  • M
HTTP Request Smuggling

<1:6.14.17-1.14.20.0.2.module+el8.6.0+16231+7c1b33d9
  • M
Open Redirect

<1:6.14.17-1.14.20.0.2.module+el8.6.0+16231+7c1b33d9
  • M
Improper Cross-boundary Removal of Sensitive Data

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Insufficient Verification of Data Authenticity

<1:8.3.1-1.16.14.0.4.module+el8.6.0+15294+54b291d2
  • M
Open Redirect

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improper Certificate Validation

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improper Certificate Validation

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improper Certificate Validation

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
HTTP Request Smuggling

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
HTTP Request Smuggling

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Resource Exhaustion

*
  • M
Link Following

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Link Following

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Directory Traversal

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • M
Directory Traversal

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Improper Input Validation

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Improper Input Validation

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Use After Free

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Cross-site Scripting (XSS)

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Use After Free

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • L
Resource Exhaustion

*
  • H
Resource Exhaustion

<1:6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
  • H
Improper Input Validation

<1:6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
  • M
Resource Exhaustion

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Improper Input Validation

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Use After Free

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
HTTP Request Smuggling

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Resource Exhaustion

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Privilege Defined With Unsafe Actions

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Out-of-Bounds

<1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0
  • M
Information Exposure Through Log Files

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • H
Incorrect Calculation of Buffer Size

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.10-1.10.23.1.1.module+el8.3.0+9502+012d8a97
  • M
HTTP Request Smuggling

<1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e
  • H
Improper Authorization

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Improper Input Validation

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Allocation of Resources Without Limits or Throttling

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Out-of-Bounds

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Integer Overflow or Wraparound

<1:6.13.4-1.12.16.1.2.module+el8.1.0+6117+b25a342c
  • H
HTTP Request Smuggling

<1:6.13.4-1.12.16.1.1.module+el8.1.0+5811+44509afe
  • H
Improper Neutralization of Special Elements

<1:6.13.4-1.12.16.1.1.module+el8.1.0+5811+44509afe
  • H
Encoding Error

<1:6.13.4-1.12.16.1.1.module+el8.1.0+5811+44509afe
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • L
Improper Input Validation

<1:6.13.4-1.12.14.1.1.module+el8.1.0+5466+30f75629
  • L
Improper Input Validation

<1:6.13.4-1.12.14.1.1.module+el8.1.0+5466+30f75629
  • L
Improper Input Validation

<1:6.13.4-1.12.14.1.1.module+el8.1.0+5466+30f75629
  • M
Resource Exhaustion

<1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Resource Exhaustion

*
  • M
Out-of-bounds Read

<1:6.14.13-1.12.22.3.2.module+el8.4.0+11732+c668cc9f
  • M
Resource Exhaustion

<1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd
  • L
Improper Initialization

*