Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass High
CVE-2024-34065 was published for @strapi/plugin-users-permissions (npm) Jun 12, 2024
Eventyret iarce-qb
derrickmehaffy innerdvations alexandrebodin
node-fetch forwards secure headers to untrusted sites High
CVE-2022-0235 was published for node-fetch (npm) Jan 21, 2022
kurt-r2c
DOS and Open Redirect with user input High
CVE-2021-22964 was published for fastify-static (npm) Oct 12, 2021
oauth2-server through 3.1.1 vulnerable to Open Redirect High
CVE-2020-26938 was published for oauth2-server (npm) Aug 30, 2022
URL Redirection to Untrusted Site ('Open Redirect') in express-openid-connect High
CVE-2022-24794 was published for express-openid-connect (npm) Mar 31, 2022
jviding kurt-r2c
Open Redirect in ecstatic High
GHSA-9q64-mpxx-87fg was published for ecstatic (npm) Apr 1, 2020
ProTip! Advisories are also available from the GraphQL API