Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm code-server Security Advisories

Browse all Security Advisories for npm code-server

Critical

GSA_kwCzR0hTQS1mcmpnLWc3NjctNzM2M84AAyPi

code-server vulnerable to Missing Origin Validation in WebSockets
Ecosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: over 1 year ago

Moderate

GSA_kwCzR0hTQS0yZ3AzLTZjOXAtanA3d83lKQ

Cross site scripting in code-server
Ecosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: over 2 years ago

High

GSA_kwCzR0hTQS00OXgzLTgyMjgtM3czbc0V3w

Inefficient Regular Expression Complexity in code-server
Ecosystems: npm
Packages: code-server
Source: GitHub Advisory Database
Blast Radius: 3.6
Published: about 3 years ago

Statistics

Advisories: 20,668
Packages: 9,040
Repositories: 2
Ecosystems: 12

Filter by Severity

Moderate 8,836 High 7,269 Critical 3,070 Low 1,144

Filter by Ecosystem

maven 5,864 packagist 4,634 pypi 4,352 npm 3,812 go 2,295 nuget 1,552 cargo 882 rubygems 880 swift 33 hex 32 actions 20 pub 9

Filter by Package

parse-server 31 electron 26 directus 26 @openzeppelin/contracts-upgradeable 21 @openzeppelin/contracts 20 next 18 tinymce 16 sequelize 16 ckeditor4 15 ghost 15 swagger-ui 14 joplin 14 angular 13 undici 13 strapi 13 nodebb 12 vm2 12 handlebars 11 tinymce/tinymce 11 bootstrap 11 TinyMCE 11 marked 11 matrix-js-sdk 11 nocodb 10 flowise 10 @evershop/evershop 9 matrix-react-sdk 9 @strapi/strapi 9 bootstrap 9 next-auth 9 serve 9 org.webjars:bootstrap 9 twbs/bootstrap 9 bootstrap 9 matrix-appservice-irc 8 jsrsasign 8 tar 8 steal 8 org.webjars.npm:jquery 8 jquery 8 jquery-rails 8 node-forge 8 npm 8 editor.md 8 validator 8 systeminformation 8 urijs 8 url-parse 8 express-cart 8 elliptic 7 jquery-ui 7 total.js 7 jquery-ui-rails 7 jQuery.UI.Combined 7 org.webjars.npm:jquery-ui 7 hermes-engine 7 uptime-kuma 7 jQuery 7 snyk-broker 7 hapi 7 sanitize-html 7 dompurify 7 shescape 7 bootstrap.sass 7 lodash 7 bootstrap-sass 7 vite 7 parse-url 6 aaptjs 6 safe-eval 6 rsshub 6 bootstrap-sass 6 @strapi/plugin-users-permissions 6 ejs 5 yarn 5 axios 5 dojo 5 mermaid 5 keystone 5 openpgp 5 public 5 xlsx 5 sweetalert2 5 lodash-es 5 mongoose 5 @saltcorn/server 5 mysql2 5 lunary 5 total4 5 prismjs 5 ws 5 rendertron 5 vditor 5 ua-parser-js 5 mattermost-desktop 5 follow-redirects 4 aws-iot-device-sdk-v2 4 simple-markdown 4 awsiotsdk 4 mongo-express 4 materialize-css 4 realms-shim 4 ecstatic 4 katex 4 @backstage/plugin-scaffolder-backend 4 remarkable 4 hono 4 moment 4 auth0-js 4 generator-jhipster 4 express 4 @lobehub/chat 4 simple-git 4 valine 4 hummus 4 apollo-server-core 4 qs 4 vega 4 muhammara 4 meshcentral 4 jsonwebtoken 4 auth0-lock 4 apostrophe 4 glance 4 fastify 4 fast-xml-parser 4 convert-svg-core 4 @keystone-6/core 4 software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk 4 engine.io 4 safer-eval 4 jose 3 typeorm 3 buttle 3 xmldom 3 connect 3 ids-enterprise 3 @commercial/subtext 3 froala-editor 3 @jmondi/url-to-png 3 @directus/api 3 localhost-now 3 @strapi/utils 3 blamer 3 @materializecss/materialize 3 notevil 3 serialize-to-js 3 socket.io 3 lodash.defaultsdeep 3 node-opcua 3 dset 3 subtext 3 postcss 3 dojox 3 ses 3 @hapi/subtext 3 keycloak-connect 3 bin-links 3 @sveltejs/kit 3 @vrite/sdk 3 nadesiko3 3 mysql 3 convict 3 protobufjs 3 docsify 3 openmct 3 @soketi/soketi 3 highcharts 3 snyk 3 socket.io-file 3 sails 3 nodemailer 3 node-fetch 3 ag-grid-community 3 browserify-shim 3 grunt 3 braces 3 layui 3 feathers-sequelize 3 locutus 3 dns-sync 3 passport-wsfed-saml2 3 stimulsoft-dashboards-js 3 statics-server 3 mxgraph 3 object-path 3 js-yaml 3 loader-utils 3 nuxt 3 mixme 3 socket.io-parser 3 raneto 3 fuxa-server 3 http-live-simulator 3 renovate 3 @ckeditor/ckeditor5-markdown-gfm 3 m-server 3 @cubejs-backend/api-gateway 3 @strapi/plugin-content-manager 3 jquery-validation 3

Filter by Repository

https://github.com/cdr/code-server 2 https://github.com/coder/code-server 1