npm vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the npm package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Resource Exhaustion

*
  • H
Improper Privilege Management

*
  • H
Directory Traversal

*
  • M
Directory Traversal

*
  • L
Buffer Under-read

*
  • M
Incomplete Documentation

*
  • H
Resource Exhaustion

<1:10.2.4-1.18.19.1.1.module+el8.9.0+21387+21356dec
  • H
Arbitrary Code Injection

*
  • H
Covert Timing Channel

<1:10.2.4-1.18.19.1.1.module+el8.9.0+21387+21356dec
  • H
Information Exposure

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Directory Traversal

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Improper Validation of Integrity Check Value

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Arbitrary Code Injection

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Directory Traversal

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Resource Exhaustion

<1:10.1.0-1.20.8.1.1.module+el8.9.0+20473+c4e3d824
  • H
Arbitrary Code Injection

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • H
Information Exposure

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • H
Information Exposure

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • H
Inefficient Regular Expression Complexity

<1:9.6.7-1.18.17.1.1.module+el8.8.0+19757+8ca87034
  • M
CVE-2023-30588

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • M
CVE-2023-30589

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • M
CVE-2023-30581

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • M
CVE-2023-30590

<1:9.5.1-1.18.16.1.1.module+el8.8.0+19438+94e84959
  • H
Out-of-bounds Write

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • H
Use of Insufficiently Random Values

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • H
Resource Exhaustion

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • H
Use of Insufficiently Random Values

<1:9.5.0-1.18.14.2.3.module+el8.8.0+19021+4b8b11cc
  • L
Inefficient Regular Expression Complexity

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
CRLF Injection

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • L
Untrusted Search Path

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
CVE-2023-23919

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
Incorrect Authorization

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • H
Improper Input Validation

<1:6.14.18-1.14.21.3.1.module+el8.7.0+18531+81d21ca6
  • M
Improper Input Validation

<1:8.19.3-1.16.19.1.1.module+el8.7.0+18373+704f5cef
  • M
Inefficient Regular Expression Complexity

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
Resource Exhaustion

<1:9.5.0-1.18.14.2.2.module+el8.7.0+18445+9493b6ea
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • M
Reliance on Reverse DNS Resolution for a Security-Critical Action

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • M
Inefficient Regular Expression Complexity

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • H
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

<1:8.19.1-1.18.9.1.1.module+el8.7.0+16806+4109802b
  • H
HTTP Request Smuggling

<1:8.19.1-1.18.9.1.1.module+el8.7.0+16806+4109802b
  • M
HTTP Request Smuggling

<1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185
  • M
HTTP Request Smuggling

<1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185
  • M
Improper Check or Handling of Exceptional Conditions

<1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185
  • M
HTTP Request Smuggling

<1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185
  • M
Open Redirect

<1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185
  • M
Improper Cross-boundary Removal of Sensitive Data

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • H
Insufficient Verification of Data Authenticity

<1:8.3.1-1.16.14.0.4.module+el8.6.0+15294+54b291d2
  • M
Open Redirect

<1:6.14.17-1.14.21.1.2.module+el8.7.0+17528+a329cd47
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improper Certificate Validation

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improper Certificate Validation

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improper Certificate Validation

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
HTTP Request Smuggling

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
HTTP Request Smuggling

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Resource Exhaustion

<1:8.11.0-1.16.16.0.3.module+el8.6.0+16248+76b0e185
  • M
Link Following

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • M
Link Following

<1:6.14.16-1.12.22.12.1.module+el8.6.0+15324+1f2c5d8d
  • H
Directory Traversal

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Directory Traversal

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Improper Input Validation

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Improper Input Validation

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Use After Free

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Cross-site Scripting (XSS)

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Use After Free

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Resource Exhaustion

<1:6.14.14-1.12.22.5.1.module+el8.4.0+12242+af52a4c7
  • H
Resource Exhaustion

<1:6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
  • H
Improper Input Validation

<1:6.14.11-1.12.21.0.1.module+el8.3.0+10191+34fb5a07
  • M
Resource Exhaustion

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Improper Input Validation

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Use After Free

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
HTTP Request Smuggling

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Resource Exhaustion

<1:6.14.10-1.12.20.1.1.module+el8.3.0+9503+19cb079c
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

<1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0
  • M
Privilege Defined With Unsafe Actions

<1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0
  • M
Out-of-Bounds

<1:6.14.8-1.12.19.1.1.module+el8.3.0+8851+b7b41ca0
  • M
Information Exposure Through Log Files

<1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e
  • M
Incorrect Calculation of Buffer Size

<1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e
  • M
Modification of Assumed-Immutable Data (MAID)

<1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e
  • M
HTTP Request Smuggling

<1:6.14.6-1.12.18.4.2.module+el8.2.0+8361+192e434e
  • H
Improper Authorization

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Improper Input Validation

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Allocation of Resources Without Limits or Throttling

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Out-of-Bounds

<1:6.14.5-1.12.18.2.1.module+el8.2.0+7233+61d664c1
  • H
Integer Overflow or Wraparound

<1:6.13.4-1.12.16.1.2.module+el8.1.0+6117+b25a342c
  • H
HTTP Request Smuggling

<1:6.13.4-1.12.16.1.1.module+el8.1.0+5811+44509afe
  • H
Improper Neutralization of Special Elements

<1:6.13.4-1.12.16.1.1.module+el8.1.0+5811+44509afe
  • H
Encoding Error

<1:6.13.4-1.12.16.1.1.module+el8.1.0+5811+44509afe
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • H
Resource Exhaustion

<1:6.9.0-1.10.16.3.2.module+el8.0.0+4214+49953fda
  • L
Improper Input Validation

<1:6.13.4-1.12.14.1.1.module+el8.1.0+5466+30f75629
  • L
Improper Input Validation

<1:6.13.4-1.12.14.1.1.module+el8.1.0+5466+30f75629
  • L
Improper Input Validation

<1:6.13.4-1.12.14.1.1.module+el8.1.0+5466+30f75629
  • M
Resource Exhaustion

<1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd
  • M
Allocation of Resources Without Limits or Throttling

<1:6.14.13-1.12.22.3.2.module+el8.4.0+11732+c668cc9f
  • M
Resource Exhaustion

<1:6.14.13-1.12.22.3.2.module+el8.4.0+11732+c668cc9f
  • M
Out-of-bounds Read

<1:6.14.13-1.12.22.3.2.module+el8.4.0+11732+c668cc9f
  • M
Resource Exhaustion

<1:6.14.15-1.14.18.2.2.module+el8.5.0+13644+8d46dafd
  • L
Improper Initialization

*