5 verified · cut from 4,182 raw findings (99.7% noise removed) · sample data
Sign in to see yours| Finding | Repo | Vulnerable component | Recommended fix | Src | Owner | Age | |
|---|---|---|---|---|---|---|---|
Prototype pollution in lodash.mergewith VRD-1042 | acme-inc/billing-api | lodash.mergewith@4.6.1 | 4.6.2 | 3 | devon | 2h | |
Live AWS access key leaked in commit history VRD-1041 | acme-inc/data-pipeline | — | rotate | 1 | marcus | 4h | |
axios SSRF via crafted URL VRD-1037 | acme-inc/billing-api | axios@0.27.2 | 1.7.4 | 2 | devon | 1d | |
requests CVE-2024-35195 cert verification skipped VRD-1031 | acme-inc/ml-trainer | requests@2.30.0 | 2.32.0 | 2 | priya | 1d | |
Outdated express with known DoS VRD-1024 | acme-inc/marketing-site | express@4.18.0 | 4.19.2 | 1 | sasha | 3d |