@10play/tentap-editor (>=0.5.27 <=0.7.5-alpha.0), @adminjs/design-system (>=3.0.0 <=4.0.3) +131 more potentially affected by CVE-2025-14284 via @tiptap/extension-link (>=2.0.0-beta.18 <=2.10.3)

@tiptap/extension-link NPM version =2.0.0-beta.18, =0.5.27, =3.0.0, =0.4.1, =3.0.0-alpha.1, =0.0.1, =0.2.1, =0.2.0, =0.1.0, =0.28.0, =3.4.0, =1.2.0, =0.0.3, =0.4.1 and more Source cves: CVE-2025-14284 Source advisory: OSV:GHSA-VHRC-HGRQ-X75R...

PT-2024-34168

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions prior to 2.10.3 Description: The issue allows authenticated users with audit log access to see sensitive values in audit logs that they should not see. This occurs when sensitive variables are set via the Airflow CLI,...

CVE-2023-29440

Cross-Site Request Forgery CSRF vulnerability in PressTigers Simple Job Board plugin = 2.10.3 versions...

GHSA-MG5H-9RHQ-4CQX Cross-site Scripting in ShowDoc

ShowDoc is vulnerable to stored cross-site scripting through file upload in versions 2.10.3 and prior. A patch is available and anticipated to be part of version 2.10.4...