nemo | Snyk

Direct Vulnerabilities

Known vulnerabilities in the nemo package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
C Insufficient Verification of Data Authenticity	<2.7.2-r1
L Cross-site Scripting (XSS)	<2.7.2-r1
L GHSA-gfwx-w7gr-fvh7	<2.7.2-r1
L GHSA-hqmj-h5c6-369m	<2.7.2-r1
L GHSA-rf74-v2fm-23pw	<2.7.2-r1
L Missing Authentication for Critical Function	<2.7.2-r1
L GHSA-jm6w-m3j8-898g	<2.7.2-r1
M Open Redirect	<2.7.2-r1
H Improper Handling of Highly Compressed Data (Data Amplification)	<2.7.2-r1
H Allocation of Resources Without Limits or Throttling	<2.7.2-r1
L GHSA-pq67-6m6q-mj2v	<2.7.2-r1
L GHSA-gm62-xv2j-4w53	<2.7.2-r1
L GHSA-2xpw-w6gg-jr37	<2.7.2-r1
L GHSA-rv83-g57w-fr8j	<2.7.0-r2
L GHSA-8fj7-8h3w-xwfm	<2.7.0-r2
L Directory Traversal	<2.7.0-r2
L Cross-site Scripting (XSS)	<2.7.0-r2
L GHSA-hqmh-ppp3-xvm7	<2.7.0-r2
L GHSA-j4j7-vw47-rhfq	<2.7.0-r2
M Allocation of Resources Without Limits or Throttling	<2.7.0-r2
L GHSA-j3gx-2473-5fp8	<2.7.0-r2
L CVE-2026-27141	<2.7.0-r2
L Direct Request ('Forced Browsing')	<2.7.0-r2
H Directory Traversal	<2.7.0-r2
L GHSA-3936-cmfr-pm3m	<2.7.0-r2
L GHSA-f2v5-7jq9-h8cg	<2.7.0-r1
M Resource Exhaustion	<2.7.0-r1
L GHSA-7p94-766c-hgjp	<2.6.2-r3
L Arbitrary Code Injection	<2.6.2-r3
L GHSA-37cx-329c-33x3	<2.6.2-r2
L CVE-2025-61732	<2.6.2-r2
L GHSA-h355-32pf-p2xm	<2.6.2-r2
C CVE-2025-68121	<2.6.2-r2
L GHSA-8jvr-vh7g-f8gx	<2.6.2-r2
M Improper Validation of Integrity Check Value	<2.6.2-r2
L GHSA-gm8q-m8mv-jj5m	<2.6.1-r4
L CVE-2026-1703	<2.6.1-r4
L GHSA-7gcm-g887-7qv7	<2.6.1-r4
L Directory Traversal	<2.6.1-r4
L GHSA-2q4j-m29v-hq73	<2.6.1-r4
L GHSA-6vgw-5pg2-w6jp	<2.6.1-r4
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.6.1-r4
H CVE-2026-0994	<2.6.1-r4
L GHSA-8rrh-rw8j-w5fx	<2.6.1-r2
M Directory Traversal	<2.6.1-r2
L Directory Traversal	<2.6.1-r2
L GHSA-58pv-8j8x-9vj2	<2.6.1-r2
L CVE-2025-4674	<2.5.2-r2
L CVE-2025-22874	<2.5.2-r2
L GHSA-f6x5-jh6r-wrfv	<2.6.0-r0
L CVE-2025-22871	<2.5.2-r2
L CVE-2025-58181	<2.6.0-r0
L Race Condition	<2.5.2-r2
L CVE-2025-47914	<2.6.0-r0
L Resource Exhaustion	<2.5.3-r1
L GHSA-j5pm-7495-qmr3	<2.5.2-r2
L GHSA-hcg3-q754-cr77	<1.23.0-r11
L GHSA-j5w8-q4qc-rx2x	<2.6.0-r0
L GHSA-6f52-wpx2-hvf2	<2.5.2-r2
L GHSA-wprm-fgrx-xj42	<2.5.2-r2
L GHSA-g9pc-8g42-g6vq	<2.5.2-r2
L CVE-2025-4673	<2.5.2-r2
L CVE-2025-22872	<2.5.2-r2
L GHSA-qxp5-gwg8-xv66	<2.5.2-r2
L GHSA-62jj-gr2r-5c34	<2.5.2-r2
L GHSA-vvgc-356p-c3xw	<2.5.2-r2
L GHSA-6v2p-p543-phr9	<1.23.0-r11
L CVE-2025-22870	<2.5.2-r2
L Improper Certificate Validation	<2.6.0-r0
L Improper Certificate Validation	<2.6.0-r0
L GHSA-7c64-f9jr-v9h2	<2.6.0-r0
L GHSA-5mh9-3jwc-rp59	<2.6.0-r0
L GHSA-m449-cwjh-6pw7	<2.5.3-r1
L Resource Exhaustion	<2.5.2-r2
L Algorithmic Complexity	<2.5.2-r1
H Excessive Iteration	<2.5.2-r0
H Improper Handling of Highly Compressed Data (Data Amplification)	<2.5.2-r0
L Creation of Temporary File With Insecure Permissions	<2.4.1-r1
L CVE-2025-47906	<2.4.0-r13
H Resource Exhaustion	<2.4.0-r11
L Inefficient Regular Expression Complexity	<2.4.0-r5
L Allocation of Resources Without Limits or Throttling	<2.3.2-r3
L Improper Input Validation	<2.3.2-r1
L Expected Behavior Violation	<2.3.2-r1
L Insufficiently Protected Credentials	<2.3.1-r5
M Open Redirect	<2.3.1-r4
M CVE-2025-4565	<2.3.1-r4
L SQL Injection	<2.3.1-r2
L Function Call With Incorrect Order of Arguments	<2.3.0-r0
L HTTP Request Smuggling	<2.2.1-r1
L Uncaught Exception	<2.2.1-r0
L Asymmetric Resource Consumption (Amplification)	<1.23.0-r13
L CVE-2024-34069	<1.23.0-r12
L CVE-2024-21503	<1.23.0-r12
L CVE-2024-27306	<1.23.0-r12
M CVE-2024-37891	<1.23.0-r12
H Directory Traversal	<1.23.0-r12
L Cross-site Scripting (XSS)	<1.23.0-r12
L CVE-2024-39705	<1.23.0-r12
M CVE-2024-42367	<1.23.0-r12
L CVE-2024-34062	<1.23.0-r12
L Arbitrary Code Injection	<1.23.0-r12
L CVE-2024-30251	<1.23.0-r12
C Out-of-bounds Read	<1.23.0-r12
L CVE-2025-22868	<1.23.0-r11
L CVE-2025-22869	<1.23.0-r11
H Deserialization of Untrusted Data	<1.23.0-r11
H Improper Neutralization of Special Elements Used in a Template Engine	<1.23.0-r11
H Deserialization of Untrusted Data	<1.23.0-r11
H Deserialization of Untrusted Data	<1.23.0-r11
L CVE-2025-22866	<1.23.0-r9
L Arbitrary Argument Injection	<1.23.0-r7
L Resource Exhaustion	<1.23.0-r7
L CVE-2024-45338	<1.23.0-r6
H Improper Neutralization	<1.23.0-r6
L Protection Mechanism Failure	<1.23.0-r6

Vulnerability

Vulnerable Version

Insufficient Verification of Data Authenticity

<2.7.2-r1