Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

npm

@directus/api

npm

Directus is a real-time API and App dashboard for managing SQL database content

View on github.com · View on npmjs.org

Security Advisories for @directus/api in npm

Critical
2 months ago

Directus allows unauthenticated file upload and file modification due to lacking input sanitization GSA_kwCzR0hTQS1tdjMzLTlmNmotcGZtY84ABLSw

npm @directus/api, directus
Moderate
6 months ago

Directus inserts access token from query string into logs GSA_kwCzR0hTQS12dzU4LXBoNjUtNnJ4cM4ABGvt

npm @directus/api
Low
7 months ago

Suspended Directus user can continue to use session token to access API GSA_kwCzR0hTQS01NnA2LXF3M2MtZnEyZ84ABF7-

npm @directus/types, @directus/api, directus
Moderate
8 months ago

Directus allows updates to non-allowed fields due to overlapping policies GSA_kwCzR0hTQS05OXZtLTV2MmgtaDZyNs4ABEoi

npm @directus/api, directus
High
11 months ago

Directus allows unauthenticated access to WebSocket events and operations GSA_kwCzR0hTQS04NDlyLXFyd2otOHJ2NM4ABCND

npm @directus/api, directus
High
about 1 year ago

Session is cached for OpenID and OAuth2 if `redirect` is not used GSA_kwCzR0hTQS1jZmY4LXg3anYtNGZtOM4AA_cb

npm @directus/api, directus
Moderate
over 1 year ago

Directus Blind SSRF On File Import GSA_kwCzR0hTQS04cDcyLXJjcTQtaDZwd84AA9n5

npm @directus/api

Filter by Severity

Moderate 3 High 2 Low 1 Critical 1