npm
5,225,271 packages · npmjs.org
Security Advisories for https://github.com/withastro/astro in npm Clear Filters
High
22 days ago
Astro's bypass of image proxy domain validation leads to SSRF and potential XSS
npm
astro
High
3 months ago
Server-Side Request Forgery via /_image endpoint in Astro Cloudflare adapter
npm
@astrojs/cloudflare
Moderate
3 months ago
Astro allows unauthorized third-party images in _image endpoint
npm
astro, @astrojs/node
Moderate
3 months ago
@astrojs/node's trailing slash handling causes open redirect issue
npm
@astrojs/node
Moderate
3 months ago
Astros's duplicate trailing slash feature leads to an open redirection security issue
npm
astro
High
11 months ago
Astro's server source code is exposed to the public if sourcemaps are enabled
npm
astro
Moderate
about 1 year ago
DOM Clobbering Gadget found in astro's client-side router that leads to XSS
npm
astro
Filter by Severity
Filter by Package
directus
43
parse-server
35
flowise
33
next
29
electron
28
@openzeppelin/contracts
21
@openzeppelin/contracts-upgradeable
21
ghost
16
tinymce
16
sequelize
16
vite
16
undici
15
ckeditor4
15
joplin
14
nodebb
14
swagger-ui
14
angular
14
strapi
13
n8n
12
vm2
12
matrix-js-sdk
12
marked
12
TinyMCE
11
nocodb
11
tinymce/tinymce
11
@evershop/evershop
10
uptime-kuma
10
@directus/api
10
bootstrap
10
next-auth
10
handlebars
10
@anthropic-ai/claude-code
10
@strapi/strapi
10
validator
9
matrix-appservice-irc
9
matrix-react-sdk
9
systeminformation
9
serve
9
astro
9
url-parse
8
@lobehub/chat
8
dompurify
8
node-forge
8
jsrsasign
8
elliptic
8
urijs
8
vega
8
tar
8
express-cart
8
steal
8
editor.md
8
hono
8
shescape
8
npm
8
@haxtheweb/haxcms-nodejs
8
sanitize-html
8
axios
7
mongoose
7
snyk-broker
7
mermaid
7
total.js
7
jquery-ui
7
hermes-engine
7
org.webjars.npm:jquery-ui
7
hapi
7
lodash
7
jquery
6
tarteaucitronjs
6
mattermost-desktop
6
jQuery.UI.Combined
6
openpgp
6
prismjs
6
safe-eval
6
aaptjs
6
parse-url
6
@sveltejs/kit
6
rsshub
6
@strapi/plugin-users-permissions
6
better-auth
6
ws
5
sweetalert2
5
mysql2
5
public
5
passport-wsfed-saml2
5
express
5
total4
5
open-webui
5
@saltcorn/server
5
xlsx
5
yarn
5
jQuery
5
keystone
5
katex
5
rendertron
5
vditor
5
@backstage/plugin-scaffolder-backend
5
dojo
5
aws-cdk-lib
5
bootstrap
5
ua-parser-js
5
nuxt
5
trix
5
ejs
5
@keystone-6/core
5
fastify
5
open-webui
5
jspdf
5
auth0-lock
4
mongo-express
4
safer-eval
4
xml-crypto
4
aws-iot-device-sdk-v2
4
generator-jhipster
4
tar-fs
4
erxes
4
bootstrap-sass
4
pnpm
4
muhammara
4
@auth0/nextjs-auth0
4
ecstatic
4
apostrophe
4
@finos/git-proxy
4
mongosh
4
materialize-css
4
realms-shim
4
simple-git
4
froala-editor
4
nodemailer
4
lodash-es
4
valine
4
meshcentral
4
qs
4
glance
4
jsonwebtoken
4
auth0-js
4
vega-functions
4
koa
4
vue-i18n
4
payload
4
jquery-validation
4
simple-markdown
4
follow-redirects
4
yui
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
apollo-server-core
4
engine.io
4
js-yaml
4
@intlify/vue-i18n-core
4
convert-svg-core
4
@apollo/gateway
4
fast-xml-parser
4
snyk
4
remarkable
4
typeorm
4
multer
4
awsiotsdk
4
code-server
4
@node-saml/node-saml
4
ses
4
petite-vue-i18n
4
moment
4
json-ptr
3
dns-sync
3
slpjs
3
@intlify/core-base
3
dset
3
blamer
3
jose
3
xdLocalStorage
3
mxgraph
3
jquery-ui-rails
3
yapi-vendor
3
sails
3
bootstrap-sass
3
wrangler
3
docsify
3
connect
3
llhttp
3
highcharts
3
ftp-srv
3
flowise-components
3
postcss
3
socket.io-file
3
m-server
3
@intlify/core
3
@soketi/soketi
3
uap-core
3
localhost-now
3
parse
3
@strapi/utils
3
object-path
3
serialize-javascript
3
json-pointer
3
libxmljs
3
jointjs
3
@cubejs-backend/api-gateway
3
stimulsoft-dashboards-js
3
locutus
3
@janhq/core
3
webpack-dev-server
3
Filter by Repository
https://github.com/directus/directus
41
https://github.com/parse-community/parse-server
34
https://github.com/strapi/strapi
29
https://github.com/FlowiseAI/Flowise
28
https://github.com/electron/electron
28
https://github.com/vercel/next.js
25
https://github.com/OpenZeppelin/openzeppelin-contracts
21
https://github.com/backstage/backstage
19
https://github.com/vitejs/vite
16
https://github.com/sequelize/sequelize
16
https://github.com/tinymce/tinymce
16
https://github.com/nodejs/undici
15
https://github.com/TryGhost/Ghost
14
https://github.com/ckeditor/ckeditor4
14
https://github.com/laurent22/joplin
13
https://github.com/swagger-api/swagger-ui
13
https://github.com/n8n-io/n8n
12
https://github.com/matrix-org/matrix-js-sdk
12
https://github.com/NodeBB/NodeBB
12
https://github.com/patriksimek/vm2
12
https://github.com/nextauthjs/next-auth
11
https://github.com/VulnSageAgent/PoCs
11
https://github.com/nocodb/nocodb
11
https://github.com/keystonejs/keystone
11
https://github.com/louislam/uptime-kuma
10
https://github.com/anthropics/claude-code
10
https://github.com/evershopcommerce/evershop
9
https://github.com/matrix-org/matrix-react-sdk
9
https://github.com/haxtheweb/issues
9
https://github.com/matrix-org/matrix-appservice-irc
9
https://github.com/withastro/astro
9
https://github.com/sebhildebrandt/systeminformation
9
https://github.com/pandao/editor.md
8
https://github.com/honojs/hono
8
https://github.com/ericcornelissen/shescape
8
https://github.com/stealjs/steal
8
https://github.com/cure53/DOMPurify
8
https://github.com/vega/vega
8
https://github.com/jquery/jquery
8
https://github.com/digitalbazaar/forge
8
https://github.com/apollographql/apollo-server
8
https://github.com/indutny/elliptic
8
https://github.com/lobehub/lobe-chat
8
https://github.com/nuxt/nuxt
8
https://github.com/kjur/jsrsasign
8
https://github.com/saltcorn/saltcorn
7
https://github.com/axios/axios
7
https://github.com/aws/aws-cdk
7
https://github.com/unshiftio/url-parse
7
https://github.com/twbs/bootstrap
7
https://github.com/lodash/lodash
7
https://github.com/ckeditor/ckeditor5
6
https://github.com/openpgpjs/openpgpjs
6
https://github.com/shenzhim/aaptjs
6
https://github.com/markedjs/marked
6
https://github.com/eclipse-theia/theia
6
https://github.com/facebook/hermes
6
https://github.com/DIYgod/RSSHub
6
https://github.com/better-auth/better-auth
6
https://github.com/panva/jose
6
https://github.com/npm/node-tar
6
https://github.com/ionicabizau/parse-url
6
https://github.com/sveltejs/kit
6
https://github.com/jquery/jquery-ui
6
https://github.com/apostrophecms/sanitize-html
6
https://github.com/totaljs/framework
6
https://github.com/PrismJS/prism
5
https://github.com/sidorares/node-mysql2
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/auth0/passport-wsfed-saml2
5
https://github.com/KaTeX/KaTeX
5
https://github.com/AmauriC/tarteaucitron.js
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/fastify/fastify
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/mermaid-js/mermaid
5
https://github.com/Automattic/mongoose
5
https://github.com/cloudflare/workers-sdk
5
https://github.com/npm/cli
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/basecamp/trix
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/pnpm/pnpm
4
https://github.com/hapijs/hapi
4
https://github.com/NaturalIntelligence/fast-xml-parser
4
https://github.com/getsentry/sentry-javascript
4
https://github.com/vendure-ecommerce/vendure
4
https://github.com/medialize/URI.js
4
https://github.com/nodemailer/nodemailer
4
https://github.com/expressjs/multer
4
https://github.com/mafintosh/tar-fs
4
https://github.com/medialize/uri.js
4
https://github.com/jquery-validation/jquery-validation
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/expressjs/express
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/node-saml/node-saml
4
https://github.com/mde/ejs
4
https://github.com/websockets/ws
4
https://github.com/payloadcms/payload
4
https://github.com/koajs/koa
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/Dogfalo/materialize
4
https://github.com/steveukx/git-js
4
https://github.com/xCss/Valine
4
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/auth0/lock
4
https://github.com/typeorm/typeorm
4
https://github.com/angular/angular.js
4
https://github.com/erxes/erxes
4
https://github.com/node-opcua/node-opcua
4
https://github.com/yarnpkg/yarn
4
https://github.com/intlify/vue-i18n
4
https://github.com/balderdashy/sails
4
https://github.com/auth0/nextjs-auth0
4
https://github.com/mrvautin/expressCart
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/socketio/engine.io
4
https://github.com/open-webui/open-webui
4
https://github.com/finos/git-proxy
4
https://github.com/npm/npm
4
https://github.com/postcss/postcss
3
https://github.com/plone/volto
3
https://github.com/cloudhead/node-static
3
https://github.com/beerpwn/CVE
3
https://github.com/remix-run/react-router
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/validatorjs/validator.js
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/yahoo/serialize-javascript
3
https://github.com/dojo/dojo
3
https://github.com/jarofghosts/glance
3
https://github.com/chimurai/http-proxy-middleware
3
https://github.com/peerigon/angular-expressions
3
https://github.com/node-fetch/node-fetch
3
https://github.com/mozilla/node-convict
3
https://github.com/endojs/endo
3
https://github.com/moment/moment
3
https://github.com/dwisiswant0/advisory
3
https://github.com/mongodb/js-bson
3
https://github.com/xmldom/xmldom
3
https://github.com/josdejong/mathjs
3
https://github.com/vriteio/vrite
3
https://github.com/eladnava/mailgen
3
https://github.com/zcaceres/markdownify-mcp
3
https://github.com/HackAllSec/CVEs
3
https://github.com/mariocasciaro/object-path
3
https://github.com/transloadit/uppy
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/libxmljs/libxmljs
3
https://github.com/agnaistic/agnai
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/facebook/react
3
https://github.com/adaltas/node-mixme
3
https://github.com/mongo-express/mongo-express
3
https://github.com/udecode/plate
3
https://github.com/docsifyjs/docsify
3
https://github.com/apollographql/federation
3
https://github.com/node-saml/xml-crypto
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/zeit/next.js
3
https://github.com/chjj/marked
3
https://github.com/dojo/dojox
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/mozilla/pdf.js
3
https://github.com/micromatch/braces
3
https://github.com/nodejs/llhttp
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/soketi/soketi
3
https://github.com/neocotic/convert-svg
3
https://github.com/ChainSafe/lodestar
3
https://github.com/webpack/webpack-dev-server
3
https://github.com/webpack/loader-utils
3
https://github.com/hapijs/subtext
3
https://github.com/fastify/fastify-multipart
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/nasa/openmct
3
https://github.com/snyk/cli
3
https://github.com/simpleledger/slpjs
3
https://github.com/salesforce/tough-cookie
3
https://github.com/MrRio/jsPDF
3
https://github.com/vanessa219/vditor
3
https://github.com/cisco/node-jose
3
https://github.com/clientIO/joint
3
https://github.com/jasonraimondi/url-to-png
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/ua-parser/uap-core
3
https://github.com/actions/toolkit
3
https://github.com/YMFE/yapi
3
https://github.com/lukeed/dset
3
https://github.com/koush/scrypted
3
https://github.com/socketio/socket.io
3