GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,015 advisories
NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails
Critical
CVE-2022-35924
was published
for
next-auth
(npm)
Aug 2, 2022
loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter
Critical
CVE-2022-35942
was published
for
loopback-connector-postgresql
(npm)
Aug 11, 2022
React Editable Json Tree vulnerable to arbitrary code execution via function parsing
Critical
CVE-2022-36010
was published
for
react-editable-json-tree
(npm)
Aug 18, 2022
Cryptographically weak PRNG in `utils.generateUUID`
Critical
CVE-2022-36045
was published
for
nodebb
(npm)
Aug 30, 2022
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url
Critical
CVE-2022-2900
was published
for
parse-url
(npm)
Sep 15, 2022
ProTip!
Advisories are also available from the
GraphQL API