npm

4,199 tracked vulnerabilities.

CVE-2021-46871 MEDIUM
Phoenix Phoenix.HTML < 3.0.4 - Cross-Site Scripting in HEEx Class Attributes
Jan 10, 2023
CVSS 6.1
EPSS 0.00
CVE-2021-4307 MEDIUM
Yomguithereal Baobab <2.6.0 - Prototype Pollution
Jan 07, 2023
CVSS 6.3
EPSS 0.01
CVE-2021-4306 LOW
cronvel terminal-kit <2.1.8 - Info Disclosure
Jan 07, 2023
CVSS 3.5
EPSS 0.01
CVE-2021-4305 LOW
Woorank robots-txt-guard - Info Disclosure
Jan 05, 2023
CVSS 3.5
EPSS 0.01
CVE-2021-32821 MEDIUM
MooTools < 1.6.0 - Regular Expression Denial of Service via CSS Selector Parser
Jan 03, 2023
CVSS 6.2
EPSS 0.01
CVE-2021-4299 MEDIUM
cronvel string-kit <0.12.8 - Info Disclosure
Jan 02, 2023
CVSS 4.3
EPSS 0.01
CVE-2021-35065 HIGH
glob-parent 6.0.0 - Regular Expression Denial of Service via Enclosure Regex
Dec 26, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-4279 MEDIUM
Starcounter-Jack JSON-Patch <3.1.0 - Prototype Pollution
Dec 25, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-4278 MEDIUM
cronvel tree-kit <0.7.0 - Prototype Pollution
Dec 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-4264 MEDIUM
LinkedIn dustjs <3.0.0 - Prototype Pollution
Dec 21, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-4260 MEDIUM
oils-js < 2021-03-23 - Open Redirect in Web.js
Dec 19, 2022
CVSS 6.3
EPSS 0.00
CVE-2021-4245 MEDIUM
chbrown rfc6902 - Prototype Pollution
Dec 15, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-33420 CRITICAL
inikulin replicator <1.0.4 - Code Injection
Dec 15, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-43309 MEDIUM
uri-template-lite < 22.9.0 - Regular Expression Denial of Service via URI.expand Method
Aug 24, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-23451 MEDIUM
otp-generator <3.0.0 - Info Disclosure
Jul 25, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-23373 HIGH
set-deep-prop - Prototype Pollution via Main Functionality
Jul 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-40663 CRITICAL
deep.assign 0.0.0-alpha.0 - Prototype Pollution
Jun 30, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-33295 MEDIUM
Joplin < 1.8.5 - Stored Cross-Site Scripting via Improper HTML Sanitization
Jun 16, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-43308 MEDIUM
markdown-link-extractor < 3.0.2 - Regular Expression Denial of Service via Exponential ReDoS
Jun 02, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-43307 MEDIUM
semver-regex < 3.1.4 - Regular Expression Denial of Service via test() Method
Jun 02, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-43306 MEDIUM
jquery-validation < 1.19.4 - Regular Expression Denial of Service via url2 Method
Jun 02, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-34084 CRITICAL
s3-uploader < 2.0.3 - OS Command Injection via Metadata Function
Jun 02, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-34083 HIGH
google-it < 1.6.2 - Remote Code Execution via Open in Browser Option
Jun 02, 2022
CVSS 8.1
EPSS 0.02
CVE-2021-34082 CRITICAL
proctree < 0.1.1 - OS Command Injection via fix Function
Jun 02, 2022
CVSS 9.8
EPSS 0.05
CVE-2021-34081 HIGH
gitsome < 0.2.3 - OS Command Injection via Crafted Git Tag Name
Jun 02, 2022
CVSS 8.8
EPSS 0.04