GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,890
Erlang: 37
GitHub Actions: 38
Go: 2,546
Maven: 5,000+
npm: 4,217
NuGet: 745
pip: 3,994
Pub: 12
RubyGems: 950
Rust: 1,038
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
11 advisories
Server-Side Request Forgery in link-preview-js
Severity: Moderate
CVE-2022-25876 was published for link-preview-js (npm) on Jul 2, 2022
Passport vulnerable to session regeneration when a user logs in or out
Severity: Moderate
CVE-2022-25896 was published for passport (npm) on Jul 2, 2022
Regular expression denial of service in scss-tokenizer
Severity: High
CVE-2022-25758 was published for scss-tokenizer (npm) on Jul 2, 2022
Prototype pollution in @strikeentco/set
Severity: High
CVE-2020-28267 was published for @strikeentco/set (npm) on May 24, 2022
Expo on iOS is insecure due to incorrect security attribute application
Severity: Moderate
CVE-2020-24653 was published for expo (npm) on May 24, 2022
OpenPGP 1.2.0 and earlier decrypts arbitrary messages
Severity: High
CVE-2015-8013 was published for openpgp (npm) on May 17, 2022
jQuery vulnerable to Cross-Site Scripting (XSS)
Severity: Moderate
CVE-2011-4969 was published for jQuery (RubyGems) on May 14, 2022
Electron vulnerable to URL spoofing via PDFium
Severity: Moderate
CVE-2017-1000424 was published for Electron (npm) on May 13, 2022
Bootstrap vulnerable to Cross-Site Scripting (XSS)
Severity: Moderate
CVE-2018-14040 was published for bootstrap (RubyGems) on May 13, 2022
url-parse incorrectly parses hostname / protocol due to unstripped leading control characters.
Severity: Moderate
CVE-2022-0691 was published for url-parse (npm) on Feb 22, 2022
ProTip! Advisories are also available from the GraphQL API.