nemo vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the nemo package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-m449-cwjh-6pw7	<2.5.3-r1
L Resource Exhaustion	<2.5.2-r2
L GHSA-2qfp-q593-8484	<2.5.2-r2
L Algorithmic Complexity	<2.5.2-r1
L GHSA-7f5h-v6xp-fcq8	<2.5.2-r1
L GHSA-jfx9-29x2-rv3j	<2.5.2-r0
H Excessive Iteration	<2.5.2-r0
L GHSA-vr63-x8vc-m265	<2.5.2-r0
H Improper Handling of Highly Compressed Data (Data Amplification)	<2.5.2-r0
L Creation of Temporary File With Insecure Permissions	<2.4.1-r1
L GHSA-cr7q-2w66-hjcm	<2.4.1-r1
L CVE-2025-47906	<2.4.0-r13
L GHSA-gwrf-jf3h-w649	<2.4.0-r13
L GHSA-7hfw-26vp-jp8m	<2.4.0-r11
H Resource Exhaustion	<2.4.0-r11
L GHSA-9356-575x-2w9m	<2.4.0-r5
L Inefficient Regular Expression Complexity	<2.4.0-r5
L GHSA-2c2j-9gv5-cj73	<2.3.2-r3
L Allocation of Resources Without Limits or Throttling	<2.3.2-r3
L GHSA-phhr-52qp-3mj4	<2.3.2-r1
L Improper Input Validation	<2.3.2-r1
L Expected Behavior Violation	<2.3.2-r1
L GHSA-5hq9-5r78-2gjh	<2.3.2-r1
L Insufficiently Protected Credentials	<2.3.1-r5
L GHSA-9hjg-9r4m-mvj7	<2.3.1-r5
L GHSA-48p4-8xcf-vxj5	<2.3.1-r4
L Open Redirect	<2.3.1-r4
L GHSA-8qvm-5x2c-j2w7	<2.3.1-r4
M CVE-2025-4565	<2.3.1-r4
L GHSA-v3c8-3pr6-gr7p	<2.3.1-r2
L SQL Injection	<2.3.1-r2
L GHSA-4grg-w6v8-c28g	<2.3.0-r0
L Function Call With Incorrect Order of Arguments	<2.3.0-r0
L HTTP Request Smuggling	<2.2.1-r1
L GHSA-vqfr-h8mv-ghfj	<2.2.1-r1
L Uncaught Exception	<2.2.1-r0
L GHSA-98fp-7v67-4v3q	<2.2.1-r0
L Asymmetric Resource Consumption (Amplification)	<1.23.0-r13
L GHSA-mh63-6h87-95cp	<1.23.0-r13
L CVE-2024-34069	<1.23.0-r12
L CVE-2024-21503	<1.23.0-r12
L CVE-2024-27306	<1.23.0-r12
L GHSA-fj7x-q9j7-g6q6	<1.23.0-r12
L GHSA-g7vv-2v7x-gj9p	<1.23.0-r12
L CVE-2024-37891	<1.23.0-r12
H Directory Traversal	<1.23.0-r12
L GHSA-7gpw-8wmc-pm8g	<1.23.0-r12
L Cross-site Scripting (XSS)	<1.23.0-r12
L GHSA-cx63-2mw6-8hw5	<1.23.0-r12
L CVE-2024-39705	<1.23.0-r12
M CVE-2024-42367	<1.23.0-r12
L GHSA-cgvx-9447-vcch	<1.23.0-r12
L CVE-2024-34062	<1.23.0-r12
L GHSA-cqh9-jfqr-h9jj	<1.23.0-r12
L Server-Side Request Forgery (SSRF)	<1.23.0-r12
L GHSA-34jh-p97f-mpxf	<1.23.0-r12
L GHSA-jwhx-xcg6-8xhj	<1.23.0-r12
L GHSA-h75v-3vvj-5mfj	<1.23.0-r12
L Arbitrary Code Injection	<1.23.0-r12
L GHSA-5m98-qgg9-wh84	<1.23.0-r12
L CVE-2024-30251	<1.23.0-r12
L GHSA-h8wv-9h96-m4hr	<1.23.0-r12
L GHSA-whh8-fjgc-qp73	<1.23.0-r12
C Out-of-bounds Read	<1.23.0-r12
L GHSA-2g68-c3qc-8985	<1.23.0-r12
L CVE-2025-22868	<1.23.0-r11
L CVE-2025-22869	<1.23.0-r11
H Deserialization of Untrusted Data	<1.23.0-r11
L GHSA-cpwx-vrp4-4pq7	<1.23.0-r11
L GHSA-wrfc-pvp9-mr9g	<1.23.0-r11
H Improper Neutralization of Special Elements Used in a Template Engine	<1.23.0-r11
L GHSA-hxxf-235m-72v3	<1.23.0-r11
L GHSA-qxrp-vhvm-j765	<1.23.0-r11
H Deserialization of Untrusted Data	<1.23.0-r11
H Deserialization of Untrusted Data	<1.23.0-r11
L CVE-2025-22866	<1.23.0-r9
L GHSA-3whm-j4xm-rv8x	<1.23.0-r9
L GHSA-v725-9546-7q7m	<1.23.0-r7
L Arbitrary Argument Injection	<1.23.0-r7
L Resource Exhaustion	<1.23.0-r7
L GHSA-r9px-m959-cxf4	<1.23.0-r7
L GHSA-gmj6-6f8f-6699	<1.23.0-r6
L GHSA-q2x7-8rv6-6q7h	<1.23.0-r6
L CVE-2024-45338	<1.23.0-r6
H Improper Neutralization	<1.23.0-r6
L GHSA-w32m-9786-jp63	<1.23.0-r6
L Protection Mechanism Failure	<1.23.0-r6

Vulnerability

Vulnerable Version

GHSA-m449-cwjh-6pw7

<2.5.3-r1