Browse Security Advisories
High Security Advisories for strapi in npm Clear Filters
High
almost 3 years ago
Strapi mishandles hidden attributes within admin API responses
npm
@strapi/strapi, strapi
High
about 3 years ago
Improper Removal of Sensitive Information Before Storage or Transfer in Strapi
npm
@strapi/strapi, strapi
High
about 3 years ago
Improper Removal of Sensitive Information Before Storage or Transfer in Strapi
npm
@strapi/strapi, strapi
High
about 3 years ago
Insecure password handling vulnerability in Strapi
npm
@strapi/strapi, strapi
High
almost 4 years ago
Weak Password Recovery Mechanism for Forgotten Password in Strapi
npm
strapi
Filter by Severity
Filter by Ecosystem
maven
2,222
pypi
1,788
npm
1,622
packagist
1,446
go
989
nuget
938
cargo
388
rubygems
303
swift
18
actions
17
hex
10
pub
5
Filter by Package
parse-server
16
electron
13
directus
11
next
11
strapi
7
tar
7
@strapi/strapi
7
flowise
7
matrix-js-sdk
6
express-cart
6
npm
6
@openzeppelin/contracts
6
sequelize
6
handlebars
6
@haxtheweb/haxcms-nodejs
5
serve
5
@openzeppelin/contracts-upgradeable
5
systeminformation
5
ua-parser-js
5
generator-jhipster
4
marked
4
qs
4
hapi
4
auth0-js
4
matrix-react-sdk
4
yarn
4
ckeditor4
4
@strapi/plugin-users-permissions
4
shescape
4
total.js
4
muhammara
4
openpgp
4
prismjs
4
axios
4
@finos/git-proxy
4
hummus
4
multer
4
@apollo/gateway
4
nocodb
4
highcharts
3
node-forge
3
ecstatic
3
meshcentral
3
remarkable
3
next-auth
3
socket.io-file
3
localhost-now
3
rendertron
3
tar-fs
3
fastify
3
steal
3
jsrsasign
3
ws
3
@hapi/subtext
3
hermes-engine
3
open-webui
3
@commercial/subtext
3
@sveltejs/kit
3
@uppy/companion
3
awsiotsdk
3
simple-git
3
subtext
3
lodash
3
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
3
open-webui
3
vite
3
ids-enterprise
3
keystone
3
mermaid
3
node-opcua
3
aws-iot-device-sdk-v2
3
passport-wsfed-saml2
3
@backstage/plugin-scaffolder-backend
3
ghost
3
convert-svg-core
3
moment
3
lodash.merge
2
undici
2
lodash.mergewith
2
n8n
2
object-path
2
uptime-kuma
2
http-live-simulator
2
node-jose
2
grunt
2
fuxa-server
2
@tinacms/cli
2
sails
2
cached-path-relative
2
react-router
2
lodash-es
2
snyk
2
code-server
2
http-proxy
2
angular-expressions
2
jquery-validation
2
@cubejs-backend/api-gateway
2
@npmcli/arborist
2
codecov
2
path-to-regexp
2
joplin
2
nuxt-api-party
2
erxes
2
fast-xml-parser
2
detect-character-encoding
2
merge
2
mongoose
2
jointjs
2
engine.io
2
xdLocalStorage
2
@fastify/multipart
2
urijs
2
oauth2-server
2
tiny-secp256k1
2
json-ptr
2
deep-get-set
2
minimatch
2
lodash.defaultsdeep
2
@solana/web3.js
2
loopback-connector-mongodb
2
assign-deep
2
bmoor
2
xlsx
2
rollup-plugin-server
2
@frangoteam/fuxa
2
dojo
2
total4
2
convict
2
hawk
2
@strikeentco/set
2
mqtt-packet
2
@modelcontextprotocol/server-filesystem
2
vp-toolkit
2
squirrelly
2
jspdf
2
immer
2
mongosh
2
pnpm
2
@auth0/nextjs-auth0
2
simple-markdown
2
hoek
2
eta
2
angular
2
rsshub
2
decal
2
fs-git
2
glob-parent
2
loader-utils
2
@directus/api
2
@discordjs/opus
2
@kindspells/astro-shield
2
is-svg
2
@theia/mini-browser
2
Moment.js
2
devcert
2
buttle
2
matrix-appservice-irc
2
mixme
2
@saltcorn/server
2
sqlite3
2
mcstatic
2
pdfjs-dist
2
mout
2
css-what
2
@evershop/evershop
2
node-saml
2
dompurify
2
semver
2
express-handlebars
1
install-nw
1
frourio-express
1
handsontable
1
is-http2
1
react-native-baidu-voice-synthesizer
1
dgard8.lab6
1
yjmyjmyjm
1
decode-uri-component
1
unicorn-list
1
tmpl
1
@pnpm/win-x64
1
serverabc
1
http-proxy-middleware
1
simple-get
1
express-openid-connect
1
@chainsafe/lodestar
1
js-yaml
1
git-promise
1
tough-cookie
1
is-user-valid
1
underscore-keypath
1
node-stringbuilder
1
libwebp-sys
1
jqueryfiletree
1
osm-static-maps
1
@nguniversal/common
1
fancy-server
1
@conform-to/zod
1
json8-merge-patch
1
electron-pdf
1
isolated-vm
1