Lucene search
+L

126 matches found

Snyk
Snyk
added 2026/05/04 6:27 p.m.7 views

Arbitrary Code Injection

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Arbitrary Code Injection via the SuppressedError. An attacker can execute arbitrary code outside the intended sandbox environment by...

10CVSS6.4AI score0.0071EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/04/19 9:0 p.m.7 views

io.javalin.community.openapi:javalin-redoc-plugin (>=5.0.0 <=5.2.0), io.javalin.community.openapi:openapi-test (>=5.0.0 <=5.0.1) +12 more potentially affected by CVE-2026-41239 via org.webjars.npm:dompurify (>=2.5.8 <=3.3.0)

org.webjars.npm:dompurify MAVEN version =2.5.8, =5.0.0, =5.0.0, =1.96.0, =1.0.0, =1.0.0, =14.3.0, =0.54.0, =2.0.0, =3.1.1, =3.1.3, =3.2.2 - org.webjars.npm:tui-calendar =1.15.3 Source cves: CVE-2026-41239 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16131136...

6.8CVSS5.8AI score0.00248EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/17 9:0 p.m.12 views

org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:canvg (>=1.5.2 <=1.5.3) +14 more potentially affected by CVE-2026-41672 via org.webjars.npm:xmldom (>=0.1.31 <=0.6.0)

org.webjars.npm:xmldom MAVEN version =0.1.31, =1.5.2, =0.7.2, =0.14.0, =0.11.0, =7.14.0, =2.7.0, =2.9.2 and more Source cves: CVE-2026-41672 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16133135...

8.7CVSS5.8AI score0.00365EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/16 10:34 p.m.10 views

org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +8 more potentially affected by CVE-2026-41242 via org.webjars.npm:protobufjs (>=6.8.8 <=8.0.0)

org.webjars.npm:protobufjs MAVEN version =6.8.8, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.7.3, =0.7.13, =0.7.15 Source cves: CVE-2026-41242 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16094666...

9.8CVSS6AI score0.00745EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/04/15 6:31 p.m.9 views

com.graphhopper:graphhopper-web-bundle (>=3.0 <=client_hc_no_vehicle), org.webjars.npm:geobuf (=3.0.2) +15 more potentially affected by CVE-2026-5758 via org.webjars.npm:protocol-buffers-schema (=3.6.0)

org.webjars.npm:protocol-buffers-schema MAVEN version =3.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:protocol-buffers-schema and may be impacted: - com.graphhopper:graphhopper-web-bundle =3.0, =1.10.1, =6.1.0, =10.6.0, =1.3.5,...

6.5CVSS5.7AI score0.00534EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/03 3:46 a.m.12 views

net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by unknown CVE via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)

org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15874906...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/31 11:2 p.m.13 views

com.newmediaworks:nmw-oss-website (>=1.7.0 <=1.11.0), com.pragmatickm:website (>=1.10.0 <=2.0.0) +102 more potentially affected by CVE-2025-13465 +1 more via org.webjars.npm:lodash (>=4.0.0 <=4.17.5)

org.webjars.npm:lodash MAVEN version =4.0.0, =1.7.0, =1.10.0, =1.11.0, =1.7.0, =1.6.1, =1.11.0, =1.13.0, =1.0, =1.0, =1.0, =1.2.0, =3.5.0, =3.5.0, =3.5.0, =3.12.0 and more Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869623...

8.2CVSS6.6AI score0.01535EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/31 11:2 p.m.8 views

com.newmediaworks:nmw-oss-website (>=1.7.0 <=1.11.0), com.pragmatickm:website (>=1.10.0 <=2.0.0) +102 more potentially affected by CVE-2021-23337 +1 more via org.webjars.npm:lodash (>=4.0.0 <=4.17.5)

org.webjars.npm:lodash MAVEN version =4.0.0, =1.7.0, =1.10.0, =1.11.0, =1.7.0, =1.6.1, =1.11.0, =1.13.0, =1.0, =1.0, =1.0, =1.2.0, =3.5.0, =3.5.0, =3.5.0, =3.12.0 and more Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869630...

9.8CVSS6.8AI score0.2241EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/03/31 11:2 p.m.15 views

org.webjars.npm:autolinker (>=0.24.1 <=0.28.1), org.webjars.npm:github-com-mattslocum-ng-webworker (=0.2.3) +10 more potentially affected by CVE-2021-23337 +1 more via org.webjars.npm:lodash.template (=4.5.0)

org.webjars.npm:lodash.template MAVEN version =4.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:lodash.template and may be impacted: - org.webjars.npm:autolinker =0.24.1, =2.9.0, =1.8.12, =3.5.0, =2.3.4, =2.5.17-beta.0 -...

9.8CVSS6.8AI score0.2241EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/03/31 11:2 p.m.18 views

org.webjars.npm:angular-tree-component (>=3.2.3 <=3.7.2), org.webjars.npm:chevrotain (>=11.0.3 <=11.1.2) +72 more potentially affected by CVE-2021-23337 +1 more via org.webjars.npm:lodash-es (>=4.17.21 <=4.17.4)

org.webjars.npm:lodash-es MAVEN version =4.17.21, =3.2.3, =11.0.3, =11.0.3, =11.0.3, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =44.1.0, =39.0.1, =44.3.0 and more Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869632...

9.8CVSS6.8AI score0.2241EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2026/03/29 3:17 p.m.9 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by unknown CVE via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15813032...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/27 6:22 p.m.7 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33941 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33941 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15807041...

8.2CVSS7.2AI score0.00291EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/27 6:21 p.m.9 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33940 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33940 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803087...

8.1CVSS6.1AI score0.00703EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/27 6:19 p.m.11 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33937 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33937 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803085...

9.8CVSS6.2AI score0.0178EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2026/03/27 6:18 p.m.8 views

org.webjars.npm:compression-webpack-plugin (=7.1.1), org.webjars.npm:copy-webpack-plugin (>=4.3.1 <=4.6.0) +9 more potentially affected by CVE-2026-34043 via org.webjars.npm:serialize-javascript (>=1.9.1 <=6.0.2)

org.webjars.npm:serialize-javascript MAVEN version =1.9.1, =4.3.1, =5.2.0, =1.1.6, =2.3.4, =2.5.17-beta.0 Source cves: CVE-2026-34043 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15809197...

7.5CVSS5.8AI score0.00472EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/26 10:20 p.m.11 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33916 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33916 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15789776...

4.7CVSS6.5AI score0.00276EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/26 10:5 p.m.9 views

org.webjars.npm:github-com-cisco-node-jose (=2.2.0), org.webjars.npm:google-auth-library (>=1.6.1 <=6.1.6) +7 more potentially affected by CVE-2026-33896 via org.webjars.npm:node-forge (>=0.10.0 <=1.3.3)

org.webjars.npm:node-forge MAVEN version =0.10.0, =1.6.1, =1.0.2, =2.3.2, =1.10.2, =2.1.1 Source cves: CVE-2026-33896 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15789772...

9.1CVSS5.8AI score0.00348EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/26 10:2 p.m.8 views

org.webjars.npm:github-com-cisco-node-jose (=2.2.0), org.webjars.npm:google-auth-library (>=1.6.1 <=6.1.6) +7 more potentially affected by CVE-2026-33894 via org.webjars.npm:node-forge (>=0.10.0 <=1.3.3)

org.webjars.npm:node-forge MAVEN version =0.10.0, =1.6.1, =1.0.2, =2.3.2, =1.10.2, =2.1.1 Source cves: CVE-2026-33894 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15789774...

7.5CVSS5.8AI score0.00339EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/26 9:57 p.m.13 views

org.webjars.npm:github-com-cisco-node-jose (=2.2.0), org.webjars.npm:google-auth-library (>=1.6.1 <=6.1.6) +7 more potentially affected by CVE-2026-33891 via org.webjars.npm:node-forge (>=0.10.0 <=1.3.3)

org.webjars.npm:node-forge MAVEN version =0.10.0, =1.6.1, =1.0.2, =2.3.2, =1.10.2, =2.1.1 Source cves: CVE-2026-33891 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15789770...

7.5CVSS5.8AI score0.00596EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/26 6:29 p.m.6 views

com.gitee.zodiacstack.base:zodiac-base-sdk-net (=1.7.1), com.matecoder:juggle-core (>=1.6.0 <=1.6.1) +27 more potentially affected by CVE-2026-33750 via org.webjars.npm:brace-expansion (=2.0.2)

org.webjars.npm:brace-expansion MAVEN version =2.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:brace-expansion and may be impacted: - com.gitee.zodiacstack.base:zodiac-base-sdk-net =1.7.1 - com.matecoder:juggle-core =1.6.0, =5.0.0...

7.5CVSS6.2AI score0.0043EPSS
Exploits0
Rows per page
Query Builder