Aikido Intel

usemods is vulnerable to Cross-site Scripting (XSS) in versions 0.0.4 - 1.7.1.

@kinde-oss/kinde-auth-nextjs is vulnerable to Improper Certificate Validation in versions 1.8.3 - 2.3.11.

@effect/platform is vulnerable to Insertion of Sensitive Information into Log File in versions 0.0.0 - 0.68.6.

spring-webmvc is vulnerable to Path Traversal in versions 0.0.1 - 5.3.40, 6.0.0 - 6.0.24 and 6.1.0 - 6.1.13.

gridstack is vulnerable to Cross-site Scripting (XSS) in versions 0.1.0 - 10.3.1.

github.com/osteele/liquid is vulnerable to Denial of Service (DoS) in versions 0.1.0 - 1.5.0.

fooman/tcpdf is vulnerable to Regular Expression Denial of Service (ReDoS) in versions 2.0.0 - 6.7.4.

jsonpath-plus is vulnerable to Remote code execution in versions 0.1.0 - 10.0.6.

electron is vulnerable to Type Confusion in versions 31.0.0 - 31.7.0 and 32.0.0 - 32.2.0.

jsonpath-plus is vulnerable to Remote code execution in versions 0.1.0 - 10.0.0.

github.com/wneessen/go-mail is vulnerable to Insertion of Sensitive Information into Log File in versions 0.1.0 - 0.5.0.

craftcms/cms is vulnerable to Improper Privilege Management in versions 4.0.0 - 4.12.6 and 5.0.0 - 5.4.7.1.

@backstage/backend-defaults is vulnerable to Accidental exposure of sensitive info possible in versions 0.1.0 - 0.5.0.

@syncfusion/ej2-documenteditor is vulnerable to Cross-site Scripting (XSS) in versions 26.2.4 - 27.1.52.

mysql-connector-python is vulnerable to SQL Injection in versions 8.3.0 - 9.0.0.

github.com/hashicorp/consul is vulnerable to Cross-site Scripting (XSS) in versions 1.9.0 - 1.19.2.

datadog/dd-trace is vulnerable to DoS possible due to memory leak or race condition in versions 0.1.0 - 1.3.2.

libarchive.libarchive is vulnerable to DoS possible due to improper check for exceptional conditions in versions 3.0.0a - 3.7.6.