Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
Remote Code Execution on click of <a> Link in markdown preview High
CVE-2024-49362 was published for joplin (npm) Nov 14, 2024
jackfromeast
DOM Clobbering Gadget found in astro's client-side router that leads to XSS Moderate
CVE-2024-47885 was published for astro (npm) Oct 14, 2024
jackfromeast ishmeals
DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS High
CVE-2024-47068 was published for rollup (npm) Sep 23, 2024
jackfromeast ishmeals
Layui has DOM Clobbering gadgets that leads to Cross-site Scripting Moderate
CVE-2024-47075 was published for layui (npm) Sep 26, 2024
jackfromeast ishmeals
Vite DOM Clobbering gadget found in vite bundled scripts that leads to XSS Moderate
CVE-2024-45812 was published for vite (npm) Sep 17, 2024
jackfromeast ishmeals
DOM Clobbering Gadget found in Rspack's AutoPublicPathRuntimeModule that leads to XSS Moderate
GHSA-84jw-g43v-8gjm was published for @rspack/core (npm) Sep 19, 2024
jackfromeast ishmeals
DOM clobbering could escalate to Cross-site Scripting (XSS) Moderate
CVE-2024-45389 was published for @pagefind/default-ui (npm) Sep 3, 2024
ishmeals jackfromeast
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS Moderate
CVE-2024-43788 was published for webpack (npm) Aug 27, 2024
jackfromeast ishmeals
mhassan1
ProTip! Advisories are also available from the GraphQL API