We’ve disclosed3426vulnerabilities
by Snyk Security
Researchers
Snyk Vulnerability Database
The leading database for open source vulnerabilities and cloud misconfigurations.
Improper Neutralization of Quoting Syntax
Affecting postgresql package, versions [,13.19) , [14.0,14.16) , [15.0,15.11) , [16.0,16.7) , [17.0,17.3)
How to fix?
Upgrade postgresql to version 13.19, 14.16, 15.11, 16.7, 17.3 or higher.
Vulnerabilities from the last week
Cross-site Scripting (XSS)
vue-i18n is an Internationalization plugin for Vue.js
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) when performing translations with escapeParameterHtml set to true. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting malicious payloads into translation strings that are rendered using v-html, despite HTML escaping being enabled.
Cross-site Scripting (XSS)
Affects
roundup is a simple-to-use and -install issue-tracking system with command-line, web and e-mail interfaces.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the interaction between URLs and issue tracker templates. An attacker can execute arbitrary scripts in the context of a user's browser by crafting malicious URLs that are passed to tal:replace or tal:content templates.
Cross-site Scripting (XSS)
org.webjars.bowergithub.kazupon:vue-i18n is an Internationalization plugin for Vue.js
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) when performing translations with escapeParameterHtml set to true. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting malicious payloads into translation strings that are rendered using v-html, despite HTML escaping being enabled.
Recent vulnerabilities disclosed by Snyk
- M
Cross-site Scripting (XSS) in angularjs (nuget)- H
Regular Expression Denial of Service (ReDoS) in angularjs (nuget)- M
Regular Expression Denial of Service (ReDoS) in angularjs (nuget)- M
Regular Expression Denial of Service (ReDoS) in angularjs (nuget)- M
Regular Expression Denial of Service (ReDoS) in angularjs (nuget)
About Snyk
Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.
