Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4 Moderate
CVE-2023-49798 was published for @openzeppelin/contracts (npm) Dec 12, 2023
Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer High
CVE-2023-41058 was published for parse-server (npm) Sep 4, 2023
Moumouls mtrezza
bson-objectid contains Improper input validation High
CVE-2019-19729 was published for bson-objectid (npm) May 24, 2022
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js Critical
CVE-2015-8857 was published for uglifier (RubyGems) Oct 24, 2017
Missing Handler in @scandipwa/magento-scripts Moderate
CVE-2021-32684 was published for @scandipwa/magento-scripts (npm) Jun 21, 2021
Solana Pay Vulnerable to Weakness in Transfer Validation Logic Moderate
CVE-2022-35917 was published for @solana/pay (npm) Aug 6, 2022
cmowenby
Always-Incorrect Control Flow Implementation in Facebook Hermes Critical
CVE-2020-1914 was published for hermes-engine (npm) May 24, 2022
Nsquik troZee
CHaNGeTe mmehtonen-24i bdellegrazie
ProTip! Advisories are also available from the GraphQL API