2025-06-03 - 2025-07-03
Overview
1 pull request proposed by 1 user
Proposed
#464 Update drop embed buttons to auto sacrifice on reroll
7 issues closed from 1 user
Closed
#358 Regular Expression Denial of Service (ReDoS) in micromatch
Closed
#369 express vulnerable to XSS via response.redirect()
Closed
#370 body-parser vulnerable to denial of service when url encoding is enabled
Closed
#393 serve-static vulnerable to template injection that can lead to XSS
Closed
#394 send vulnerable to template injection that can lead to XSS
Closed
#395 path-to-regexp outputs backtracking regular expressions
Closed
#396 cookie accepts cookie name, path, and domain with out of bounds characters
6 issues created by 1 user
Opened
#458 [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn
Opened
#459 [HIGH] path-to-regexp contains a ReDoS
Opened
#460 [MODERATE] Use of Insufficiently Random Values in undici
Opened
#461 [MODERATE] Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups
Opened
#462 [LOW] undici Denial of Service attack via bad certificate data
Opened
#463 [LOW] Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
2 unresolved conversations
Open
#445 0.10 Dependency Updates
Open
#457 Update drop embed buttons to auto sacrifice on reroll