GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
159 advisories
loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter
Critical
CVE-2022-35942
was published
for
loopback-connector-postgresql
(npm)
Aug 11, 2022
NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails
Critical
CVE-2022-35924
was published
for
next-auth
(npm)
Aug 2, 2022
Incorrect protocol extraction via \r, \n and \t characters
High
CVE-2022-1243
was published
for
urijs
(npm)
Apr 6, 2022
Spoofing attack in swagger-ui
Moderate
CVE-2018-25031
was published
for
org.webjars:swagger-ui
(Maven)
Mar 12, 2022
Leading white space bypasses protocol validation
Moderate
CVE-2022-24723
was published
for
urijs
(npm)
Mar 3, 2022
Validation bypass in frourio-express
High
CVE-2022-23624
was published
for
frourio-express
(npm)
Feb 7, 2022
Denial of Service Vulnerability in next.js
Moderate
CVE-2022-21721
was published
for
next
(npm)
Jan 28, 2022
ProTip!
Advisories are also available from the
GraphQL API