The Wayback Machine - https://web.archive.org/web/20200904212750/https://github.com/advisories
Skip to content

GitHub Advisory Database

2,853 advisories

Validation bypass vulnerability
GHSA-vpgc-7h78-gx8f (Low severity) was published Sep 4, 2020 personnummer (npm)
Information Disclosure and Broken Access Control in Backend Module
CVE-2020-25026 (Moderate severity) was published Sep 2, 2020 derhansen/sf_event_mgt (Composer)
Prevent RCE when calling untrusted remote with CachingHttpClient
CVE-2020-15094 (High severity) was published Sep 2, 2020 symfony/http-kernel (Composer)
Remote Memory Exposure in bl
CVE-2020-8244 (High severity) was published Sep 2, 2020 bl (npm)
Command Injection in bestzip
GHSA-4qqc-mp5f-ccv4 (Critical severity) was published Sep 2, 2020 bestzip (npm)
Improper Authorization in @sap-cloud-sdk/core
GHSA-r2vw-jgq9-jqx2 (High severity) was published Sep 3, 2020 @sap-cloud-sdk/core (npm)
Remote Code Execution in next
GHSA-5vj8-3v2h-h38v (High severity) was published Sep 4, 2020 next (npm)
Cross-Site Scripting in bootstrap-select
GHSA-9r7h-6639-v5mw (High severity) was published Sep 3, 2020 bootstrap-select (npm)
Cross-Site Scripting in @toast-ui/editor
GHSA-cr56-66mx-293v (High severity) was published Sep 3, 2020 @toast-ui/editor (npm)
DLL Injection in kerberos
GHSA-m2mx-rfpw-jghv (High severity) was published Sep 4, 2020 kerberos (npm)
Regular Expression Denial of Service in papaparse
GHSA-qvjc-g5vr-mfgr (High severity) was published Sep 4, 2020 papaparse (npm)
Malicious Package in m-backdoor
GHSA-vv52-3mrp-455m (Critical severity) was published Sep 3, 2020 m-backdoor (npm)
Prototype Pollution in sds
CVE-2020-7618 (High severity) was published Sep 3, 2020 sds (npm)
Buffer Overflow in node-weakauras-parser
GHSA-86mr-6m89-vgj3 (Moderate severity) was published Sep 3, 2020 node-weakauras-parser (npm)
Prototype Pollution in utils-extend
CVE-2020-8147 (High severity) was published Sep 3, 2020 utils-extend (npm)
Server-Side Request Forgery in @uppy/companion
CVE-2020-8135 (High severity) was published Sep 3, 2020 @uppy/companion (npm)
Prototype Pollution in yargs-parser
GHSA-p9pc-299p-vxgp (Low severity) was published Sep 4, 2020 yargs-parser (npm)
Command Injection in node-rules
GHSA-8whr-v3gm-w8h9 (Critical severity) was published Sep 3, 2020 node-rules (npm)
Cross-Site Scripting in htmr
GHSA-f8rq-m28h-8hxj (High severity) was published Sep 3, 2020 htmr (npm)
Path Traversal in sapper
GHSA-f3vw-587g-r29g (Critical severity) was published Sep 3, 2020 sapper (npm)
Cross-Site Scripting in lazysizes
GHSA-w4vp-3mq7-7v82 (High severity) was published Sep 3, 2020 lazysizes (npm)
Command Injection in priest-runner
GHSA-9px9-f7jw-fwhj (Critical severity) was published Sep 3, 2020 priest-runner (npm)
Improper Authorization in react-oauth-flow
GHSA-65m9-m259-7jqw (Critical severity) was published Sep 3, 2020 react-oauth-flow (npm)
Denial of Service in http-proxy
GHSA-6x33-pw7p-hmpq (High severity) was published Sep 4, 2020 http-proxy (npm)
Cross-Site Scripting in ngx-md
GHSA-xr53-m937-jr9c (High severity) was published Sep 3, 2020 ngx-md (npm)
ProTip! Advisories are also available from the GraphQL API.
You can’t perform that action at this time.