npm
4,199 tracked vulnerabilities.
CVE-2021-46871
MEDIUM
Phoenix Phoenix.HTML < 3.0.4 - Cross-Site Scripting in HEEx Class Attributes
Jan 10, 2023
CVSS 6.1
EPSS 0.00
CVE-2021-4307
MEDIUM
Yomguithereal Baobab <2.6.0 - Prototype Pollution
Jan 07, 2023
CVSS 6.3
EPSS 0.01
CVE-2021-4306
LOW
cronvel terminal-kit <2.1.8 - Info Disclosure
Jan 07, 2023
CVSS 3.5
EPSS 0.01
CVE-2021-4305
LOW
Woorank robots-txt-guard - Info Disclosure
Jan 05, 2023
CVSS 3.5
EPSS 0.01
CVE-2021-32821
MEDIUM
MooTools < 1.6.0 - Regular Expression Denial of Service via CSS Selector Parser
Jan 03, 2023
CVSS 6.2
EPSS 0.01
CVE-2021-4299
MEDIUM
cronvel string-kit <0.12.8 - Info Disclosure
Jan 02, 2023
CVSS 4.3
EPSS 0.01
CVE-2021-35065
HIGH
glob-parent 6.0.0 - Regular Expression Denial of Service via Enclosure Regex
Dec 26, 2022
CVSS 7.5
EPSS 0.02
CVE-2021-4279
MEDIUM
Starcounter-Jack JSON-Patch <3.1.0 - Prototype Pollution
Dec 25, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-4278
MEDIUM
cronvel tree-kit <0.7.0 - Prototype Pollution
Dec 25, 2022
CVSS 5.5
EPSS 0.00
CVE-2021-4264
MEDIUM
LinkedIn dustjs <3.0.0 - Prototype Pollution
Dec 21, 2022
CVSS 6.3
EPSS 0.01
CVE-2021-4260
MEDIUM
oils-js < 2021-03-23 - Open Redirect in Web.js
Dec 19, 2022
CVSS 6.3
EPSS 0.00
CVE-2021-4245
MEDIUM
chbrown rfc6902 - Prototype Pollution
Dec 15, 2022
CVSS 5.5
EPSS 0.01
CVE-2021-33420
CRITICAL
inikulin replicator <1.0.4 - Code Injection
Dec 15, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-43309
MEDIUM
uri-template-lite < 22.9.0 - Regular Expression Denial of Service via URI.expand Method
Aug 24, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-23451
MEDIUM
otp-generator <3.0.0 - Info Disclosure
Jul 25, 2022
CVSS 6.5
EPSS 0.01
CVE-2021-23373
HIGH
set-deep-prop - Prototype Pollution via Main Functionality
Jul 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-40663
CRITICAL
deep.assign 0.0.0-alpha.0 - Prototype Pollution
Jun 30, 2022
CVSS 9.8
EPSS 0.02
CVE-2021-33295
MEDIUM
Joplin < 1.8.5 - Stored Cross-Site Scripting via Improper HTML Sanitization
Jun 16, 2022
CVSS 5.4
EPSS 0.01
CVE-2021-43308
MEDIUM
markdown-link-extractor < 3.0.2 - Regular Expression Denial of Service via Exponential ReDoS
Jun 02, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-43307
MEDIUM
semver-regex < 3.1.4 - Regular Expression Denial of Service via test() Method
Jun 02, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-43306
MEDIUM
jquery-validation < 1.19.4 - Regular Expression Denial of Service via url2 Method
Jun 02, 2022
CVSS 5.9
EPSS 0.01
CVE-2021-34084
CRITICAL
s3-uploader < 2.0.3 - OS Command Injection via Metadata Function
Jun 02, 2022
CVSS 9.8
EPSS 0.03
CVE-2021-34083
HIGH
google-it < 1.6.2 - Remote Code Execution via Open in Browser Option
Jun 02, 2022
CVSS 8.1
EPSS 0.02
CVE-2021-34082
CRITICAL
proctree < 0.1.1 - OS Command Injection via fix Function
Jun 02, 2022
CVSS 9.8
EPSS 0.05
CVE-2021-34081
HIGH
gitsome < 0.2.3 - OS Command Injection via Crafted Git Tag Name
Jun 02, 2022
CVSS 8.8
EPSS 0.04
Products
openclaw 433
parse-server 98
flowise 67
n8n 67
directus 53
electron 48
next 47
vm2 41
axios 33
hono 30
undici 30
nocodb 25
pnpm 25
ghost 22
vite 21
tinymce 18
astro 17
ckeditor4 15
fuxa-server 15
jspdf 15
tar 15
joplin 14
liquidjs 14
nodebb 14
protobufjs 14
sequelize 14
flowise-components 13
react-router 13
signalk-server 13
angular 12
Quick Filters