|
Malicious Package
|
rrgod
*
|
npm
|
15 Jan, 2019
|
|
Malicious Package
|
text-qrcode
*
|
npm
|
10 Jan, 2019
|
|
Information Exposure
|
rails-session-decoder
*
|
npm
|
10 Jan, 2019
|
|
Denial of Service (DoS)
|
markdown-it-toc-and-anchor
<4.2.0
|
npm
|
10 Jan, 2019
|
|
Cross-site Scripting (XSS)
|
jingo
<1.9.2
|
npm
|
10 Jan, 2019
|
|
Cryptographic Backdoor
|
generate-password
<1.4.1
|
npm
|
10 Jan, 2019
|
|
Directory Traversal
|
cordova-plugin-ionic-webview
<2.2.0
|
npm
|
10 Jan, 2019
|
|
Denial of Service (DoS)
|
autolinker
<3.0.0
|
npm
|
10 Jan, 2019
|
|
Remote Code Execution
|
xterm
>=3.8.0 <3.8.1,>=3.9.0 <3.9.2,>=3.10.0 <3.10.1
|
npm
|
10 Jan, 2019
|
|
Cross-site Scripting (XSS)
|
bootstrap
<3.4.0
|
npm
|
10 Jan, 2019
|
|
Cross-site Scripting (XSS)
|
bootstrap
<3.4.0
|
npm
|
10 Jan, 2019
|
|
Malicious Package
|
commander-js
*
|
npm
|
09 Jan, 2019
|
|
Regular Expression Denial of Service (ReDoS)
|
esm
<=3.0.84
|
npm
|
03 Jan, 2019
|
|
Cross-site Scripting (XSS)
|
qunit
<=2.8.0
|
npm
|
03 Jan, 2019
|
|
Cross-site Scripting (XSS)
|
ids-enterprise
<4.15.0
|
npm
|
03 Jan, 2019
|
|
Arbitrary Code Execution
|
react-dev-utils
>=1.0.0 <1.0.4,>=2.0.0 <2.0.2,>=3.0.0 <3.1.2,>=4.0.0 <4.2.2,>=5.0.0 <5.0.2
|
npm
|
02 Jan, 2019
|
|
Arbitrary Code Execution
|
nuclide
<0.290.0
|
npm
|
02 Jan, 2019
|
|
Cross-site Scripting (XSS)
|
buefy
<=0.7.1
|
npm
|
31 Dec, 2018
|
|
Regular Expression Denial of Service (ReDoS)
|
uap-core
<0.6.0
|
npm
|
30 Dec, 2018
|
|
Remote Code Execution (RCE)
|
pomelo-monitor
*
|
npm
|
28 Dec, 2018
|
|
Cross-site Scripting (XSS)
|
rendertron-middleware
<0.1.3
|
npm
|
18 Dec, 2018
|
|
Denial of Service (DoS)
|
rendertron-middleware
<0.1.3
|
npm
|
18 Dec, 2018
|
|
Information Exposure
|
rendertron-middleware
<0.1.3
|
npm
|
18 Dec, 2018
|
|
Arbitrary File Read
|
rendertron-middleware
<0.1.3
|
npm
|
18 Dec, 2018
|
|
Prototype Pollution
|
mpath
<0.5.1
|
npm
|
12 Dec, 2018
|
|
Denial of Service (DoS)
|
just-extend
<4.0.0
|
npm
|
12 Dec, 2018
|
|
Prototype pollution
|
mergify
*
|
npm
|
12 Dec, 2018
|
|
Directory Traversal
|
simplehttpserver
*
|
npm
|
29 Nov, 2018
|
|
Malicious Package
|
event-stream
=3.3.6
|
npm
|
26 Nov, 2018
|
|
Malicious Package
|
flatmap-stream
*
|
npm
|
26 Nov, 2018
|