GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5 advisories
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass
High
CVE-2024-34065
was published
for
@strapi/plugin-users-permissions
(npm)
Jun 12, 2024
Making all attributes on a content-type public without noticing it
Moderate
CVE-2023-34093
was published
for
@strapi/database
(npm)
Jul 25, 2023
Strapi plugins vulnerable to Server-Side Template Injection and Remote Code Execution in the Users-Permissions Plugin
Critical
CVE-2023-22621
was published
for
@strapi/plugin-email
(npm)
Apr 19, 2023
Strapi leaking sensitive user information by filtering on private fields
High
CVE-2023-22894
was published
for
@strapi/strapi
(npm)
Apr 19, 2023
Authentication Bypass in @strapi/plugin-users-permissions
High
GHSA-xv3q-jrmm-4fxv
was published
for
@strapi/plugin-users-permissions
(npm)
Apr 18, 2023
ProTip!
Advisories are also available from the
GraphQL API