Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm npm Security Advisories
Browse all Security Advisories for npm npm
Loading...
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: over 2 years ago
GSA_kwCzR0hTQS1oajljLThqbW0tOGM1Ms4AArT6
Packing does not respect root-level ignore files in workspacesEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 38.6
Published: over 2 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4cWMtcnJjdy00cjQ2
npm symlink reference outside of node_modulesEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 5 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01aDYtaHIzcS0yMmg1
npm Token Leak in npmEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 6 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: over 2 years ago
GSA_kwCzR0hTQS1waDM0LXBjODgtNzJnY84AATBa
Incorrect Permission Assignment for Critical Resource in NPMEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 40.1
Published: over 2 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW02Y3gtZzZxbS1wMmN4
Arbitrary File Write in npmEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 5 years ago
High
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQzMjgtOGhnZi03d2py
npm Vulnerable to Global node_modules Binary OverwriteEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 39.6
Published: almost 5 years ago
Low
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXYzanYtd3JmNC01ODQ1
Local Privilege Escalation in npmEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 4 years ago
Moderate
Ecosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTkzZjMtMjNycS1wamZw
npm CLI exposing sensitive information through logsEcosystems: npm
Packages: npm
Source: GitHub Advisory Database
Blast Radius: 22.6
Published: about 4 years ago
Statistics
Advisories: 20,013
Packages: 8,806
Repositories: 2
Ecosystems: 12
Packages: 8,806
Repositories: 2
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
30
electron
26
directus
25
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
next
16
sequelize
16
tinymce
16
ckeditor4
15
ghost
15
swagger-ui
14
strapi
13
undici
13
joplin
13
angular
13
vm2
12
handlebars
11
TinyMCE
11
tinymce/tinymce
11
marked
11
nodebb
11
nocodb
10
bootstrap
10
matrix-js-sdk
9
next-auth
9
flowise
9
serve
9
twbs/bootstrap
9
@evershop/evershop
9
bootstrap
9
org.webjars:bootstrap
9
bootstrap
9
node-forge
8
editor.md
8
matrix-react-sdk
8
steal
8
url-parse
8
validator
8
tar
8
@strapi/strapi
8
systeminformation
8
express-cart
8
npm
8
urijs
8
jsrsasign
8
matrix-appservice-irc
8
jquery
8
jquery-rails
8
org.webjars.npm:jquery
8
snyk-broker
7
total.js
7
shescape
7
lunary
7
hapi
7
lodash
7
sanitize-html
7
jQuery
7
jquery-ui
7
hermes-engine
7
uptime-kuma
7
bootstrap-sass
7
bootstrap.sass
7
jQuery.UI.Combined
7
org.webjars.npm:jquery-ui
7
jquery-ui-rails
7
safe-eval
6
bootstrap-sass
6
aaptjs
6
parse-url
6
@strapi/plugin-users-permissions
6
rsshub
6
elliptic
5
yarn
5
mongoose
5
public
5
ejs
5
axios
5
keystone
5
lodash-es
5
xlsx
5
dojo
5
vite
5
ua-parser-js
5
sweetalert2
5
rendertron
5
mysql2
5
ws
5
total4
5
vditor
5
openpgp
5
prismjs
5
fastify
4
convert-svg-core
4
apollo-server-core
4
fast-xml-parser
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
aws-iot-device-sdk-v2
4
auth0-lock
4
glance
4
generator-jhipster
4
awsiotsdk
4
hummus
4
muhammara
4
materialize-css
4
mermaid
4
moment
4
valine
4
auth0-js
4
vega
4
@keystone-6/core
4
ecstatic
4
@backstage/plugin-scaffolder-backend
4
katex
4
jsonwebtoken
4
meshcentral
4
dompurify
4
qs
4
apostrophe
4
simple-git
4
safer-eval
4
mongo-express
4
realms-shim
4
engine.io
4
follow-redirects
4
remarkable
4
simple-markdown
4
braces
3
tough-cookie
3
@vrite/sdk
3
nodemailer
3
@ckeditor/ckeditor5-markdown-gfm
3
json-ptr
3
@backstage/techdocs-common
3
@strapi/utils
3
keycloak-connect
3
xmldom
3
socket.io-parser
3
@sveltejs/kit
3
ag-grid-community
3
grunt
3
slpjs
3
socket.io-file
3
buttle
3
browserify-shim
3
@jmondi/url-to-png
3
postcss
3
dset
3
@janhq/core
3
mixme
3
jose
3
localhost-now
3
highcharts
3
django-tinymce
3
@builder.io/qwik
3
node-opcua
3
serialize-to-js
3
connect
3
mysql
3
froala-editor
3
object-path
3
loader-utils
3
js-yaml
3
jose-node-esm-runtime
3
dns-sync
3
parsel
3
feathers-sequelize
3
jspdf
3
org.webjars.npm:xlsx
3
@uppy/companion
3
jointjs
3
node-fetch
3
n8n
3
codecov
3
convict
3
locutus
3
node-red-dashboard
3
passport-wsfed-saml2
3
@sequelize/core
3
bson
3
libxmljs
3
express
3
immer
3
json-pointer
3
@apollo/server
3
xdLocalStorage
3
stimulsoft-dashboards-js
3
statics-server
3
llhttp
3
fuxa-server
3
mxgraph
3
lodash.defaultsdeep
3
@lobehub/chat
3
blamer
3
ids-enterprise
3
@materializecss/materialize
3
renovate
3
ftp-srv
3
@frangoteam/fuxa
3
yapi-vendor
3
raneto
3
Filter by Repository