
npm
5,162,107 packages · npmjs.org
High Security Advisories for https://github.com/node-saml/passport-saml in npm Clear Filters
High
almost 3 years ago
Signature bypass via multiple root elements
npm
@node-saml/passport-saml, @node-saml/node-saml, node-saml, passport-saml
Filter by Severity
Filter by Package
parse-server
16
electron
12
next
11
directus
11
flowise
9
@anthropic-ai/claude-code
8
tar
7
@strapi/strapi
7
strapi
7
express-cart
6
matrix-js-sdk
6
handlebars
6
@openzeppelin/contracts
6
sequelize
6
npm
6
@haxtheweb/haxcms-nodejs
5
axios
5
serve
5
ua-parser-js
5
@openzeppelin/contracts-upgradeable
5
systeminformation
5
total.js
4
@strapi/plugin-users-permissions
4
tar-fs
4
yarn
4
hapi
4
ckeditor4
4
marked
4
@finos/git-proxy
4
multer
4
matrix-react-sdk
4
prismjs
4
qs
4
shescape
4
muhammara
4
generator-jhipster
4
nocodb
4
auth0-js
4
@apollo/gateway
4
openpgp
4
simple-git
3
@sveltejs/kit
3
fastify
3
aws-iot-device-sdk-v2
3
awsiotsdk
3
@backstage/plugin-scaffolder-backend
3
mermaid
3
moment
3
passport-wsfed-saml2
3
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
3
ecstatic
3
socket.io-file
3
node-forge
3
open-webui
3
rendertron
3
ghost
3
steal
3
next-auth
3
node-opcua
3
highcharts
3
localhost-now
3
jspdf
3
ids-enterprise
3
meshcentral
3
jsrsasign
3
n8n
3
hermes-engine
3
@uppy/companion
3
@commercial/subtext
3
keystone
3
open-webui
3
vite
3
ws
3
remarkable
3
convert-svg-core
3
node-saml
2
mout
2
css-what
2
codecov
2
fuxa-server
2
dompurify
2
cached-path-relative
2
@fastify/multipart
2
sails
2
lodash.mergewith
2
http-proxy
2
undici
2
angular-expressions
2
snyk
2
grunt
2
react-router
2
node-jose
2
mqtt-packet
2
@cubejs-backend/api-gateway
2
@tinacms/cli
2
tiny-secp256k1
2
joplin
2
code-server
2
nuxt-api-party
2
path-to-regexp
2
object-path
2
pdfjs-dist
2
fast-xml-parser
2
engine.io
2
loader-utils
2
node-static
2
jointjs
2
xdLocalStorage
2
decal
2
mongoose
2
merge
2
oauth2-server
2
@solana/web3.js
2
rollup-plugin-server
2
minimatch
2
@discordjs/opus
2
loopback-connector-mongodb
2
assign-deep
2
deep-get-set
2
json-ptr
2
lodash.defaultsdeep
2
jquery-validation
2
xlsx
2
urijs
2
@strikeentco/set
2
squirrelly
2
total4
2
convict
2
@modelcontextprotocol/server-filesystem
2
debug
2
@frangoteam/fuxa
2
dojo
2
hawk
2
vp-toolkit
2
mongosh
2
immer
2
@evershop/evershop
2
uptime-kuma
2
detect-character-encoding
2
pnpm
2
@auth0/nextjs-auth0
2
fs-git
2
simple-markdown
2
@plone/volto
2
glob-parent
2
@directus/api
2
@npmcli/arborist
2
@kindspells/astro-shield
2
angular
2
eta
2
rsshub
2
buttle
2
hummus
2
nodebb
2
mixme
2
content
2
is-svg
2
@theia/mini-browser
2
erxes
2
Moment.js
2
devcert
2
matrix-appservice-irc
2
lodash.merge
2
semver
2
financejs
2
@saltcorn/server
2
mcstatic
2
sqlite3
2
bmoor
2
http-live-simulator
2
get-setter
1
install-nw
1
frourio-express
1
handsontable
1
is-http2
1
js-toml
1
react-native-baidu-voice-synthesizer
1
yjmyjmyjm
1
dgard8.lab6
1
decode-uri-component
1
unicorn-list
1
tmpl
1
@pnpm/win-x64
1
serverabc
1
http-proxy-middleware
1
simple-get
1
express-openid-connect
1
@chainsafe/lodestar
1
js-yaml
1
git-promise
1
tough-cookie
1
is-user-valid
1
underscore-keypath
1
node-stringbuilder
1
jqueryfiletree
1
osm-static-maps
1
@executeautomation/database-server
1
@nguniversal/common
1
fancy-server
1
@conform-to/zod
1
Filter by Repository
https://github.com/parse-community/parse-server
16
https://github.com/electron/electron
12
https://github.com/directus/directus
12
https://github.com/strapi/strapi
10
https://github.com/vercel/next.js
9
https://github.com/backstage/backstage
8
https://github.com/anthropics/claude-code
8
https://github.com/FlowiseAI/Flowise
7
https://github.com/OpenZeppelin/openzeppelin-contracts
6
https://github.com/npm/node-tar
6
https://github.com/matrix-org/matrix-js-sdk
6
https://github.com/sequelize/sequelize
6
https://github.com/faisalman/ua-parser-js
5
https://github.com/axios/axios
5
https://github.com/sebhildebrandt/systeminformation
5
https://github.com/haxtheweb/issues
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/finos/git-proxy
4
https://github.com/matrix-org/matrix-react-sdk
4
https://github.com/expressjs/multer
4
https://github.com/mafintosh/tar-fs
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/ericcornelissen/shescape
4
https://github.com/saltcorn/saltcorn
4
https://github.com/node-opcua/node-opcua
4
https://github.com/npm/cli
4
https://github.com/ckeditor/ckeditor4
4
https://github.com/openpgpjs/openpgpjs
4
https://github.com/PrismJS/prism
4
https://github.com/nocodb/nocodb
4
https://github.com/totaljs/framework
4
https://github.com/ofirdagan/cross-domain-local-storage
3
https://github.com/n8n-io/n8n
3
https://github.com/hapijs/subtext
3
https://github.com/udecode/plate
3
https://github.com/highcharts/highcharts
3
https://github.com/jonschlinkert/remarkable
3
https://github.com/mrvautin/expressCart
3
https://github.com/kjur/jsrsasign
3
https://github.com/moment/moment
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/sveltejs/kit
3
https://github.com/handlebars-lang/handlebars.js
3
https://github.com/cure53/DOMPurify
3
https://github.com/facebook/hermes
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/yarnpkg/yarn
3
https://github.com/fastify/fastify-multipart
3
https://github.com/balderdashy/sails
3
https://github.com/stealjs/steal
3
https://github.com/transloadit/uppy
3
https://github.com/steveukx/git-js
3
https://github.com/TryGhost/Ghost
3
https://github.com/Marak/colors.js
3
https://github.com/apollographql/federation
3
https://github.com/nextauthjs/next-auth
3
https://github.com/remix-run/react-router
3
https://github.com/Ylianst/MeshCentral
3
https://github.com/digitalbazaar/forge
3
https://github.com/aws/aws-iot-device-sdk-java-v2
3
https://github.com/keystonejs/keystone
3
https://github.com/fastify/fastify
3
https://github.com/GoogleChrome/rendertron
3
https://github.com/vitejs/vite
3
https://github.com/npm/npm
3
https://github.com/gatsbyjs/gatsby
3
https://github.com/mozilla/pdf.js
3
https://github.com/neocotic/convert-svg
2
https://github.com/rabobank-blockchain/vp-toolkit
2
https://github.com/fb55/css-what
2
https://github.com/websockets/ws
2
https://github.com/418sec/json-ptr
2
https://github.com/debug-js/debug
2
https://github.com/ashaffer/cached-path-relative
2
https://github.com/vvakame/fs-git
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/NaturalIntelligence/fast-xml-parser
2
https://github.com/discordjs/opus
2
https://github.com/nuxt/nuxt
2
https://github.com/parallax/jsPDF
2
https://github.com/cube-js/cube.js
2
https://github.com/ariabuckles/simple-markdown
2
https://github.com/bitcoinjs/tiny-secp256k1
2
https://github.com/solana-labs/solana-web3.js
2
https://github.com/jquery-validation/jquery-validation
2
https://github.com/DCKT/localhost-now
2
https://github.com/dojo/dojo
2
https://github.com/ljharb/qs
2
https://github.com/rico345100/socket.io-file
2
https://github.com/mout/mout
2
https://github.com/pillarjs/path-to-regexp
2
https://github.com/TryGhost/node-sqlite3
2
https://github.com/erxes/erxes
2
https://github.com/cloudhead/node-static
2
https://github.com/socketio/engine.io
2
https://github.com/strikeentco/set
2
https://github.com/tinacms/tinacms
2
https://github.com/DIYgod/RSSHub
2
https://github.com/open-webui/open-webui
2
https://github.com/immerjs/immer
2
https://github.com/auth0/nextjs-auth0
2
https://github.com/matrix-org/matrix-appservice-irc
2
https://github.com/ebradyjobory/finance.js
2
https://github.com/beerpwn/CVE
2
https://github.com/webpack/loader-utils
2
https://github.com/vivaxy/here
2
https://github.com/VulnSphere/LLMVulnSphere
2
https://github.com/withastro/astro
2
https://github.com/plone/volto
2
https://github.com/markedjs/marked
2
https://github.com/adaltas/node-mixme
2
https://github.com/apollographql/apollo-server
2
https://github.com/cisco/node-jose
2
https://github.com/peerigon/angular-expressions
2
https://github.com/electron-userland/electron-builder
2
https://github.com/dimpu/ngx-md
2
https://github.com/eta-dev/eta
2
https://github.com/evershopcommerce/evershop
2
https://github.com/eclipse-theia/theia
2
https://github.com/modelcontextprotocol/servers
2
https://github.com/oauthjs/node-oauth2-server
2
https://github.com/b-heilman/bmoor
2
https://github.com/nodejs/undici
2
https://github.com/pnpm/pnpm
2
https://github.com/gruntjs/grunt
2
https://github.com/sindresorhus/is-svg
2
https://github.com/hapijs/hoek
2
https://github.com/sonicdoe/detect-character-encoding
2
https://github.com/gigafied/decal.js
2
https://github.com/mariocasciaro/object-path
2
https://github.com/VulnSageAgent/PoCs
2
https://github.com/jonschlinkert/assign-deep
2
https://github.com/johannschopplich/nuxt-api-party
2
https://github.com/chjj/marked
2
https://github.com/louislam/uptime-kuma
2
https://github.com/squirrellyjs/squirrelly
2
https://github.com/ag-grid/ag-grid
2
https://github.com/galkahana/HummusJS
2
https://github.com/OrangeShieldInfos/PoCs
2
https://github.com/npm/arborist
2
https://github.com/clientIO/joint
2
https://github.com/mozilla/node-convict
2
https://github.com/jqueryfiletree/jqueryfiletree
1
https://github.com/sandy98/node-simple-router
1
https://github.com/AppGyver/steroids
1
https://github.com/Foddy/node-red-contrib-huemagic
1
https://github.com/ChainSafe/js-libp2p-noise
1
https://github.com/rendrjs/rendr-handlebars
1
https://github.com/APIDevTools/json-schema-ref-parser
1
https://github.com/magiclen/node-stringbuilder
1
https://github.com/Semantic-Org/Semantic-UI
1
https://github.com/MateusTesser/CVE-2023-31717
1
https://github.com/adaltas/node-csv-parse
1
https://github.com/intlify/vue-i18n
1
https://github.com/chakra-ui/zag
1
https://github.com/wazuh/wazuh
1
https://github.com/BadOPCode/NoDash
1
https://github.com/mafintosh/is-my-json-valid
1
https://github.com/janl/mustache.js
1
https://github.com/mongo-express/mongo-express
1
https://github.com/fastify/fastify-csrf
1
https://github.com/nodeca/js-yaml
1
https://github.com/IonicaBizau/node-gry
1
https://github.com/nicolaskruchten/pivottable
1
https://github.com/isaacs/st
1
https://github.com/tanem/react-svg
1
https://github.com/hlfshell/controlled-merge
1
https://github.com/koush/scrypted
1
https://github.com/vuelidate/vuelidate
1
https://github.com/mongodb-js/compass
1
https://github.com/robinbuschmann/sequelize-typescript
1
https://github.com/jtrussell/semver-tags
1
https://github.com/riot/compiler
1
https://github.com/knsv/mermaid
1
https://github.com/tinymce/tinymce
1
https://github.com/fastly/js-compute-runtime
1
https://github.com/ioBroker/ioBroker.js-controller
1
https://github.com/alizeait/unflatto
1
https://github.com/mrdoob/three.js
1
https://github.com/webpack/webpack-dev-server
1
https://github.com/kaizhu256/node-phantomjs-lite
1
https://github.com/mjmlio/mjml
1
https://github.com/musistudio/claude-code-router
1
https://github.com/andrepolischuk/servst
1
https://github.com/lobehub/lobe-chat
1
https://github.com/joeattardi/emoji-button
1
https://github.com/yeikos/js.merge
1
https://github.com/jquery/jquery-mobile
1
https://github.com/monsterkodi/sds
1
https://github.com/expressjs/method-override
1
https://github.com/feross/simple-get
1
https://github.com/tomas/network
1
https://github.com/mikaelkaron/grunt-util-property
1
https://github.com/Woorank/robots-txt-guard
1
https://github.com/nrako/psnode
1
https://github.com/kos0ng/CVEs
1
https://github.com/ChALkeR/notes
1
https://github.com/node-red/node-red
1