Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template Moderate
CVE-2024-45037 was published for aws-cdk (npm) Aug 27, 2024
t0bst4r
Bypass of field access control in strapi-plugin-protected-populate Moderate
CVE-2023-48218 was published for strapi-plugin-protected-populate (npm) Nov 20, 2023
AWS CDK EKS overly permissive trust policies Moderate
CVE-2023-35165 was published for @aws-cdk/aws-eks (npm) Jun 19, 2023
twelvemo stefreak
Incorrect Permission Checking for GraphQL Subscriptions Moderate
CVE-2023-38503 was published for directus (npm) Jul 25, 2023
madc
GraphQL: Security breach on Viewer query Moderate
CVE-2020-15126 was published for parse-server (npm) Jul 22, 2020
Moumouls
Xen Orchestra Mishandles Authorization Moderate
CVE-2021-36383 was published for xo-server (npm) May 24, 2022
Improper Authorization in aedes Moderate
CVE-2018-3778 was published for aedes (npm) Aug 15, 2018
tdunlap607
Android WebView Universal Cross-site Scripting Moderate
CVE-2020-6506 was published for react-native-webview (npm) Oct 2, 2020
alesandroortiz
Incorrect Authorization in cross-fetch Moderate
CVE-2022-1365 was published for cross-fetch (npm) Apr 17, 2022
cysp
parse-server new anonymous user session acts as if it's created with password Moderate
CVE-2021-39138 was published for parse-server (npm) Aug 23, 2021
cbaker6
ProTip! Advisories are also available from the GraphQL API