npm
5,164,451 packages · npmjs.org
Security Advisories for https://github.com/withastro/astro in npm Clear Filters
High
29 days ago
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter
npm
@astrojs/cloudflare
Moderate
about 2 months ago
Astro allows unauthorized third-party images in _image endpoint
npm
astro, @astrojs/node
Moderate
about 2 months ago
@astrojs/node's trailing slash handling causes open redirect issue
npm
@astrojs/node
Moderate
about 2 months ago
Astros's duplicate trailing slash feature leads to an open redirection security issue
npm
astro
High
10 months ago
Astro's server source code is exposed to the public if sourcemaps are enabled
npm
astro
Moderate
12 months ago
DOM Clobbering Gadget found in astro's client-side router that leads to XSS
npm
astro
Filter by Severity
Filter by Package
directus
39
parse-server
33
next
29
electron
28
flowise
26
@openzeppelin/contracts
21
@openzeppelin/contracts-upgradeable
21
sequelize
16
ghost
16
tinymce
16
ckeditor4
15
vite
15
undici
15
nodebb
14
swagger-ui
14
joplin
14
angular
14
strapi
13
matrix-js-sdk
12
marked
12
vm2
12
nocodb
11
handlebars
11
tinymce/tinymce
10
TinyMCE
10
@anthropic-ai/claude-code
10
n8n
10
@evershop/evershop
9
matrix-react-sdk
9
@strapi/strapi
9
uptime-kuma
9
systeminformation
9
matrix-appservice-irc
9
serve
9
next-auth
9
urijs
8
elliptic
8
dompurify
8
npm
8
validator
8
jsrsasign
8
shescape
8
@haxtheweb/haxcms-nodejs
8
url-parse
8
node-forge
8
sanitize-html
8
editor.md
8
steal
8
@directus/api
8
express-cart
8
vega
7
hapi
7
snyk-broker
7
hermes-engine
7
mermaid
7
mongoose
7
total.js
7
@lobehub/chat
7
axios
7
tar
7
openpgp
6
org.webjars.npm:jquery-ui
6
prismjs
6
safe-eval
6
@sveltejs/kit
6
parse-url
6
mattermost-desktop
6
jQuery.UI.Combined
6
tarteaucitronjs
6
hono
6
rsshub
6
aaptjs
6
bootstrap
6
jquery-ui
6
@strapi/plugin-users-permissions
6
xlsx
5
@backstage/plugin-scaffolder-backend
5
aws-cdk-lib
5
mysql2
5
keystone
5
sweetalert2
5
bootstrap
5
public
5
rendertron
5
jquery
5
vditor
5
nuxt
5
astro
5
better-auth
5
jspdf
5
@keystone-6/core
5
@saltcorn/server
5
yarn
5
express
5
ua-parser-js
5
katex
5
ws
5
fastify
5
twbs/bootstrap
5
froala-editor
5
org.webjars:bootstrap
5
ejs
5
total4
5
passport-wsfed-saml2
5
dojo
5
bootstrap-sass
5
@auth0/nextjs-auth0
4
pnpm
4
ecstatic
4
aws-iot-device-sdk-v2
4
apostrophe
4
generator-jhipster
4
follow-redirects
4
moment
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
safer-eval
4
apollo-server-core
4
materialize-css
4
auth0-js
4
yui
4
mongosh
4
engine.io
4
xml-crypto
4
simple-markdown
4
code-server
4
@intlify/vue-i18n-core
4
qs
4
meshcentral
4
trix
4
bootstrap
4
ses
4
snyk
4
glance
4
remarkable
4
petite-vue-i18n
4
erxes
4
multer
4
auth0-lock
4
mongo-express
4
bootstrap-sass
4
@apollo/gateway
4
convert-svg-core
4
muhammara
4
awsiotsdk
4
jsonwebtoken
4
jQuery
4
@finos/git-proxy
4
vega-functions
4
tar-fs
4
jquery-validation
4
vue-i18n
4
realms-shim
4
payload
4
simple-git
4
valine
4
fast-xml-parser
4
@soketi/soketi
3
mxgraph
3
jquery-ui-rails
3
stimulsoft-dashboards-js
3
connect
3
yapi-vendor
3
xdLocalStorage
3
highcharts
3
@backstage/techdocs-common
3
@intlify/core
3
llhttp
3
localhost-now
3
socket.io
3
@strapi/admin
3
@strapi/utils
3
ftp-srv
3
socket.io-file
3
node-red-dashboard
3
json-pointer
3
serialize-javascript
3
dojox
3
bootstrap.sass
3
libxmljs
3
@node-saml/node-saml
3
@cubejs-backend/api-gateway
3
locutus
3
parsel
3
mcp-markdownify-server
3
jointjs
3
@janhq/core
3
slp-validate
3
webpack-dev-server
3
immer
3
nodemailer
3
simplehttpserver
3
mysql
3
ids-enterprise
3
@apollo/server
3
@commercial/subtext
3
@frangoteam/fuxa
3
loader-utils
3
tough-cookie
3
http-live-simulator
3
buttle
3
Filter by Repository
https://github.com/directus/directus
41
https://github.com/parse-community/parse-server
33
https://github.com/electron/electron
28
https://github.com/strapi/strapi
25
https://github.com/vercel/next.js
25
https://github.com/FlowiseAI/Flowise
23
https://github.com/OpenZeppelin/openzeppelin-contracts
21
https://github.com/backstage/backstage
19
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
16
https://github.com/vitejs/vite
15
https://github.com/nodejs/undici
15
https://github.com/ckeditor/ckeditor4
14
https://github.com/TryGhost/Ghost
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/laurent22/joplin
13
https://github.com/VulnSageAgent/PoCs
12
https://github.com/patriksimek/vm2
12
https://github.com/matrix-org/matrix-js-sdk
12
https://github.com/NodeBB/NodeBB
12
https://github.com/nocodb/nocodb
11
https://github.com/keystonejs/keystone
11
https://github.com/n8n-io/n8n
10
https://github.com/nextauthjs/next-auth
10
https://github.com/anthropics/claude-code
10
https://github.com/evershopcommerce/evershop
9
https://github.com/louislam/uptime-kuma
9
https://github.com/matrix-org/matrix-react-sdk
9
https://github.com/sebhildebrandt/systeminformation
9
https://github.com/matrix-org/matrix-appservice-irc
9
https://github.com/haxtheweb/issues
9
https://github.com/indutny/elliptic
8
https://github.com/pandao/editor.md
8
https://github.com/stealjs/steal
8
https://github.com/ericcornelissen/shescape
8
https://github.com/kjur/jsrsasign
8
https://github.com/cure53/DOMPurify
8
https://github.com/apollographql/apollo-server
8
https://github.com/nuxt/nuxt
8
https://github.com/digitalbazaar/forge
8
https://github.com/vega/vega
8
https://github.com/aws/aws-cdk
7
https://github.com/axios/axios
7
https://github.com/saltcorn/saltcorn
7
https://github.com/jquery/jquery
7
https://github.com/unshiftio/url-parse
7
https://github.com/lobehub/lobe-chat
7
https://github.com/withastro/astro
7
https://github.com/totaljs/framework
6
https://github.com/panva/jose
6
https://github.com/ckeditor/ckeditor5
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/markedjs/marked
6
https://github.com/honojs/hono
6
https://github.com/ionicabizau/parse-url
6
https://github.com/shenzhim/aaptjs
6
https://github.com/sveltejs/kit
6
https://github.com/apostrophecms/sanitize-html
6
https://github.com/eclipse-theia/theia
6
https://github.com/openpgpjs/openpgpjs
6
https://github.com/npm/node-tar
6
https://github.com/PrismJS/prism
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/auth0/passport-wsfed-saml2
5
https://github.com/AmauriC/tarteaucitron.js
5
https://github.com/better-auth/better-auth
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/sidorares/node-mysql2
5
https://github.com/KaTeX/KaTeX
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/mermaid-js/mermaid
5
https://github.com/fastify/fastify
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/npm/cli
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/jquery/jquery-ui
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/cloudflare/workers-sdk
5
https://github.com/Automattic/mongoose
5
https://github.com/npm/npm
4
https://github.com/Dogfalo/materialize
4
https://github.com/websockets/ws
4
https://github.com/steveukx/git-js
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/payloadcms/payload
4
https://github.com/mde/ejs
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/basecamp/trix
4
https://github.com/NaturalIntelligence/fast-xml-parser
4
https://github.com/balderdashy/sails
4
https://github.com/yarnpkg/yarn
4
https://github.com/mrvautin/expressCart
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/hapijs/hapi
4
https://github.com/auth0/nextjs-auth0
4
https://github.com/pnpm/pnpm
4
https://github.com/auth0/lock
4
https://github.com/finos/git-proxy
4
https://github.com/mafintosh/tar-fs
4
https://github.com/twbs/bootstrap
4
https://github.com/vendure-ecommerce/vendure
4
https://github.com/expressjs/multer
4
https://github.com/medialize/URI.js
4
https://github.com/xCss/Valine
4
https://github.com/angular/angular.js
4
https://github.com/intlify/vue-i18n
4
https://github.com/node-opcua/node-opcua
4
https://github.com/erxes/erxes
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/expressjs/express
4
https://github.com/socketio/engine.io
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/jquery-validation/jquery-validation
4
https://github.com/node-saml/node-saml
4
https://github.com/medialize/uri.js
4
https://github.com/getsentry/sentry-javascript
4
https://github.com/zcaceres/markdownify-mcp
3
https://github.com/ChainSafe/lodestar
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/mongodb/js-bson
3
https://github.com/chjj/marked
3
https://github.com/node-fetch/node-fetch
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/agnaistic/agnai
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/dojo/dojo
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/xmldom/xmldom
3
https://github.com/HackAllSec/CVEs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/typeorm/typeorm
3
https://github.com/moment/moment
3
https://github.com/endojs/endo
3
https://github.com/mongo-express/mongo-express
3
https://github.com/micromatch/braces
3
https://github.com/ag-grid/ag-grid
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/cisco/node-jose
3
https://github.com/clientIO/joint
3
https://github.com/beerpwn/CVE
3
https://github.com/webpack/webpack-dev-server
3
https://github.com/facebook/react
3
https://github.com/Marak/colors.js
3
https://github.com/dojo/dojox
3
https://github.com/postcss/postcss
3
https://github.com/froala/wysiwyg-editor
3
https://github.com/hapijs/subtext
3
https://github.com/snyk/cli
3
https://github.com/simpleledger/slpjs
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/soketi/soketi
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/docsifyjs/docsify
3
https://github.com/jasonraimondi/url-to-png
3
https://github.com/fastify/fastify-multipart
3
https://github.com/MrRio/jsPDF
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/nasa/openmct
3
https://github.com/vanessa219/vditor
3
https://github.com/YMFE/yapi
3
https://github.com/actions/toolkit
3
https://github.com/snowflakedb/snowflake-connector-nodejs
3
https://github.com/webpack/loader-utils
3
https://github.com/transloadit/uppy
3
https://github.com/koajs/koa
3
https://github.com/nodemailer/nodemailer
3
https://github.com/mozilla/node-convict
3
https://github.com/salesforce/tough-cookie
3
https://github.com/vriteio/vrite
3
https://github.com/chimurai/http-proxy-middleware
3
https://github.com/plone/volto
3
https://github.com/josdejong/mathjs
3
https://github.com/dwisiswant0/advisory
3
https://github.com/libxmljs/libxmljs
3
https://github.com/adaltas/node-mixme
3
https://github.com/cloudhead/node-static
3
https://github.com/zeit/next.js
3
https://github.com/mozilla/pdf.js
3
https://github.com/Escape-Technologies/graphql-armor
3
https://github.com/gruntjs/grunt
3
https://github.com/peerigon/angular-expressions
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/renovatebot/renovate
3
https://github.com/udecode/plate
3
https://github.com/highcharts/highcharts
3
https://github.com/koush/scrypted
3
https://github.com/lukeed/dset
3
https://github.com/socketio/socket.io
3
https://github.com/immerjs/immer
3
https://github.com/nestjs/nest
3
https://github.com/neocotic/convert-svg
3
https://github.com/yahoo/serialize-javascript
3
https://github.com/node-saml/xml-crypto
3
https://github.com/apollographql/federation
3