Snyk Advisor
By the Year
In 2024 there have been 0 vulnerabilities in Snyk Advisor . Last year Advisor had 1 security vulnerability published. Right now, Advisor is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 5.40 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Advisor vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Snyk Advisor Security Vulnerabilities
The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023
CVE-2023-1767
5.4 - Medium
- April 20, 2023
The Snyk Advisor website (https://snyk.io/advisor/) was vulnerable to a stored XSS prior to 28th March 2023. A feature of Snyk Advisor is to display the contents of a scanned package's Readme on its package health page. An attacker could create a package in NPM with an associated markdown README file containing XSS-able HTML tags. Upon Snyk Advisor importing the package, the XSS would run each time an end user browsed to the package's page on Snyk Advisor.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Snyk Advisor or by Snyk? Click the Watch button to subscribe.