Thanks to visit codestin.com
Credit goes to security.snyk.io

Homepage
Snyk Security Dog Illustration

Snyk Security Database

The leading database for open source vulnerabilities and cloud misconfigurations

Explore packages and vulnerabilities by …

Application

npmMavenpipNuGetcocoapodsComposerGo logoGoRubyGemsUnmanagedCargo logoCargoSwifthexpubConan logoConan

Operating system

DebianAlpine LinuxUbuntuRed Hat Enterprise LinuxCentOSAmazon Linux logoAmazon LinuxOracle Linux logoOracle LinuxRocky LinuxSuse Linux Enterprise ServerWolfiAlmaLinuxChainguard

Infrastructure as Code

AWSAzureGCPKubernetes

Vulnerabilities from the last week

Open Redirect

0.0
0
10
SECURITY ISSUES FOUNDKEY ECOSYSTEM PROJECTHEALTHYACTIVE
Affects

@remix-run/router <1.23.1

@remix-run/router is a Nested/Data-driven/Framework-agnostic Routing

Affected versions of this package are vulnerable to Open Redirect via the resolvePath() function when used with navigate, <Link>, or redirect. An attacker can cause the application to redirect users to external, potentially malicious URLs by supplying crafted paths.

Note:

This is only exploitable if untrusted content is passed into navigation paths in the application code.

Improper Handling of Highly Compressed Data (Data Amplification)

0.0
0
10
Affects

urllib3 [1.22,2.6.3)

urllib3 is a HTTP library with thread-safe connection pooling, file post, and more.

Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) via the streaming API when handling HTTP redirects. An attacker can cause excessive resource consumption by serving a specially crafted compressed response that triggers decompression of large amounts of data before any read limits are enforced.

Note: This is only exploitable if content is streamed from untrusted sources with redirects enabled.

Open Redirect

0.0
0
10
Affects

org.webjars.npm:react-router [,6.30.2) , [7.0.0,7.9.6)

Affected versions of this package are vulnerable to Open Redirect via the resolvePath() function when used with navigate, <Link>, or redirect. An attacker can cause the application to redirect users to external, potentially malicious URLs by supplying crafted paths.

Note:

This is only exploitable if untrusted content is passed into navigation paths in the application code.

Recent vulnerabilities disclosed by Snyk

Snyk security
researchers
have disclosed

3455

vulnerabilities

Snyk mascot with laptop
See all Snyk disclosed vulnerabilities
Report a new vulnerability

About Snyk dependencies vulnerability database

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.

Snyk graduation illustration