forked from 418sec/huntr
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.json
1 lines (1 loc) · 277 KB
/
index.json
1
[{"ID":"1-maven-argonaut","Registry":"maven","PackageName":"argonaut","PackageOwner":"argonaut-io","Downloads":"0","Forks":"114","Stars":"499","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Scala","VulnerabilityDescription":"Denial of Service (DoS)","Severity":"4.9","AffectedVersionRange":"*","DisclosureDate":"2020-04-10","PrNumber":"924","Live":true,"Bounty":{"Credit":"490","Cash":"40"},"Repository":{"Name":"argonaut","Owner":"argonaut-io"},"FixSubmissionCount":0},{"ID":"1-maven-azkaban","Registry":"maven","PackageName":"azkaban","PackageOwner":"azkaban","Downloads":"0","Forks":"1406","Stars":"3546","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"XML External Entity (XXE) Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-04-17","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"azkaban","Owner":"azkaban"},"FixSubmissionCount":0},{"ID":"1-maven-gwtupload","Registry":"maven","PackageName":"gwtupload","PackageOwner":"manolo","Downloads":"0","Forks":"56","Stars":"48","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Denial of Service (DoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-01","PrNumber":"925","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"gwtupload","Owner":"manolo"},"FixSubmissionCount":0},{"ID":"1-maven-http-request","Registry":"maven","PackageName":"http-request","PackageOwner":"kevinsawicki","Downloads":"0","Forks":"829","Stars":"3150","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Improper Certificate Validation","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"926","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"http-request","Owner":"kevinsawicki"},"FixSubmissionCount":0},{"ID":"1-maven-kindeditor","Registry":"maven","PackageName":"kindeditor","PackageOwner":"kindsoft","Downloads":"0","Forks":"590","Stars":"1717","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-05","PrNumber":"927","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"kindeditor","Owner":"kindsoft"},"FixSubmissionCount":0},{"ID":"1-maven-markdown-it-katex","Registry":"maven","PackageName":"markdown-it-katex","PackageOwner":"waylonflinn","Downloads":"0","Forks":"103","Stars":"164","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"7.4","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"928","Live":false,"Bounty":{"Credit":"740","Cash":"40"},"Repository":{"Name":"markdown-it-katex","Owner":"waylonflinn"},"FixSubmissionCount":0},{"ID":"1-maven-markdown-to-jsx","Registry":"maven","PackageName":"markdown-to-jsx","PackageOwner":"probablyup","Downloads":"0","Forks":"98","Stars":"1063","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-04","PrNumber":"929","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"markdown-to-jsx","Owner":"probablyup"},"FixSubmissionCount":0},{"ID":"1-maven-openid-connect-java-spring-server","Registry":"maven","PackageName":"openid-connect-java-spring-server","PackageOwner":"mitreid-connect","Downloads":"0","Forks":"723","Stars":"1255","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-02-03","PrNumber":"930","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"OpenID-Connect-Java-Spring-Server","Owner":"mitreid-connect"},"FixSubmissionCount":0},{"ID":"1-maven-sonarqube","Registry":"maven","PackageName":"sonarqube","PackageOwner":"SonarSource","Downloads":"0","Forks":"1399","Stars":"5520","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"URL Redirection to Untrusted Site","Severity":"5.7","AffectedVersionRange":"*","DisclosureDate":"2020-08-04","PrNumber":"931","Live":false,"Bounty":{"Credit":"570","Cash":"40"},"Repository":{"Name":"sonarqube","Owner":"SonarSource"},"FixSubmissionCount":0},{"ID":"1-maven-url-regex","Registry":"maven","PackageName":"url-regex","PackageOwner":"kevva","Downloads":"0","Forks":"68","Stars":"283","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"932","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"url-regex","Owner":"kevva"},"FixSubmissionCount":0},{"ID":"1-maven-xlsx","Registry":"maven","PackageName":"xlsx","PackageOwner":"SheetJS","Downloads":"0","Forks":"6432","Stars":"24556","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"3.7","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"933","Live":false,"Bounty":{"Credit":"370","Cash":"40"},"Repository":{"Name":"sheetjs","Owner":"SheetJS"},"FixSubmissionCount":0},{"ID":"1-maven-xmppserver","Registry":"maven","PackageName":"xmppserver","PackageOwner":"igniterealtime","Downloads":"0","Forks":"1238","Stars":"2291","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.4","AffectedVersionRange":"*","DisclosureDate":"2021-01-04","PrNumber":"1388","Live":true,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"Openfire","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-npm-access-policy","Registry":"npm","PackageName":"access-policy","PackageOwner":"TupleAustin","Downloads":"15","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-05","PrNumber":"934","Live":false,"Bounty":{"Credit":"860","Cash":"40"},"Repository":{"Name":"access-policy","Owner":"TupleAustin"},"FixSubmissionCount":0},{"ID":"1-npm-alfred-workflow-nodejs","Registry":"npm","PackageName":"alfred-workflow-nodejs","PackageOwner":"giangvo","Downloads":"1","Forks":"17","Stars":"135","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"6.7","AffectedVersionRange":"*","DisclosureDate":"2020-08-30","PrNumber":"935","Live":false,"Bounty":{"Credit":"670","Cash":"40"},"Repository":{"Name":"alfred-workflow-nodejs","Owner":"giangvo"},"FixSubmissionCount":0},{"ID":"1-npm-angular-redactor","Registry":"npm","PackageName":"angular-redactor","PackageOwner":"TylerGarlick","Downloads":"117","Forks":"86","Stars":"209","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"936","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"angular-redactor","Owner":"TylerGarlick"},"FixSubmissionCount":0},{"ID":"1-npm-ansi2html","Registry":"npm","PackageName":"ansi2html","PackageOwner":"agnoster","Downloads":"3387","Forks":"14","Stars":"29","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Denial of Service (DoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-28","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"ansi2html","Owner":"agnoster"},"FixSubmissionCount":0},{"ID":"1-npm-ant-design-pro","Registry":"npm","PackageName":"ant-design-pro","PackageOwner":"ant-design","Downloads":"5408","Forks":"6510","Stars":"28057","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.8","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"937","Live":false,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"ant-design-pro","Owner":"ant-design"},"FixSubmissionCount":0},{"ID":"1-npm-antlr4-cli","Registry":"npm","PackageName":"antlr4-cli","PackageOwner":"brundonsmith","Downloads":"360","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"938","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"antlr4-cli","Owner":"brundonsmith"},"FixSubmissionCount":0},{"ID":"1-npm-apexcharts","Registry":"npm","PackageName":"apexcharts","PackageOwner":"apexcharts","Downloads":"186786","Forks":"678","Stars":"9921","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-Site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"<=3.22.2","DisclosureDate":"2020-12-18","PrNumber":"1321","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"apexcharts.js","Owner":"apexcharts"},"FixSubmissionCount":0},{"ID":"1-npm-apikit","Registry":"npm","PackageName":"apikit","PackageOwner":"mulesoft","Downloads":"1","Forks":"51","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"XML External Entity (XXE) Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"apikit","Owner":"mulesoft"},"FixSubmissionCount":0},{"ID":"1-npm-apostrophe","Registry":"npm","PackageName":"apostrophe","PackageOwner":"apostrophecms","Downloads":"739","Forks":"449","Stars":"3443","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Lack of Rate Limiting","Severity":"5.3","AffectedVersionRange":"<=2.113.1","DisclosureDate":"2020-12-21","PrNumber":"1332","Live":true,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"apostrophe","Owner":"apostrophecms"},"FixSubmissionCount":1},{"ID":"1-npm-arpping","Registry":"npm","PackageName":"arpping","PackageOwner":"haf-decent","Downloads":"9","Forks":"8","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.8","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1757","Live":true,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"arpping","Owner":"haf-decent"},"FixSubmissionCount":1},{"ID":"1-npm-arr-flatten-unflatten","Registry":"npm","PackageName":"arr-flatten-unflatten","PackageOwner":"Quernest","Downloads":"3","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1510","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"arr-flatten-unflatten","Owner":"Quernest"},"FixSubmissionCount":1},{"ID":"1-npm-aso-server","Registry":"npm","PackageName":"aso-server","PackageOwner":"tibyandy","Downloads":"2","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"939","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"nodejs-static-server","Owner":"tibyandy"},"FixSubmissionCount":0},{"ID":"1-npm-assign.js","Registry":"npm","PackageName":"assign.js","PackageOwner":"imrefazekas","Downloads":"592","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-01","PrNumber":"940","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"assign.js","Owner":"imrefazekas"},"FixSubmissionCount":0},{"ID":"1-npm-autolinker.js","Registry":"npm","PackageName":"autolinker.js","PackageOwner":"gregjacobs","Downloads":"23","Forks":"221","Stars":"1264","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"4.6","AffectedVersionRange":"*","DisclosureDate":"2020-02-13","PrNumber":"","Live":false,"Bounty":{"Credit":"460","Cash":"40"},"Repository":{"Name":"Autolinker.js","Owner":"gregjacobs"},"FixSubmissionCount":0},{"ID":"1-npm-aws-cli-js","Registry":"npm","PackageName":"aws-cli-js","PackageOwner":"Quobject","Downloads":"2378","Forks":"13","Stars":"31","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Command Injection","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-03-27","PrNumber":"","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"aws-cli-js","Owner":"Quobject"},"FixSubmissionCount":0},{"ID":"1-npm-baobab","Registry":"npm","PackageName":"baobab","PackageOwner":"Yomguithereal","Downloads":"5236","Forks":"128","Stars":"3053","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1789","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"baobab","Owner":"Yomguithereal"},"FixSubmissionCount":1},{"ID":"1-npm-benchmark.js","Registry":"npm","PackageName":"benchmark.js","PackageOwner":"bestiejs","Downloads":"5","Forks":"327","Stars":"4799","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Denial of Service","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-03-27","PrNumber":"","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"benchmark.js","Owner":"bestiejs"},"FixSubmissionCount":0},{"ID":"1-npm-bizcharts","Registry":"npm","PackageName":"bizcharts","PackageOwner":"alibaba","Downloads":"28668","Forks":"626","Stars":"5506","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-10-20","PrNumber":"941","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"BizCharts","Owner":"alibaba"},"FixSubmissionCount":0},{"ID":"1-npm-bmoor","Registry":"npm","PackageName":"bmoor","PackageOwner":"b-heilman","Downloads":"207","Forks":"2","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-18","PrNumber":"1224","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"bmoor","Owner":"b-heilman"},"FixSubmissionCount":0},{"ID":"1-npm-bonescript","Registry":"npm","PackageName":"bonescript","PackageOwner":"jadonk","Downloads":"14","Forks":"169","Stars":"506","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"6.7","AffectedVersionRange":"*","DisclosureDate":"2020-11-19","PrNumber":"1226","Live":false,"Bounty":{"Credit":"670","Cash":"40"},"Repository":{"Name":"bonescript","Owner":"jadonk"},"FixSubmissionCount":0},{"ID":"1-npm-bson-objectid","Registry":"npm","PackageName":"bson-objectid","PackageOwner":"williamkapke","Downloads":"89458","Forks":"28","Stars":"148","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Insufficient Input Validation","Severity":"3.7","AffectedVersionRange":"*","DisclosureDate":"2020-06-09","PrNumber":"942","Live":false,"Bounty":{"Credit":"370","Cash":"40"},"Repository":{"Name":"bson-objectid","Owner":"williamkapke"},"FixSubmissionCount":0},{"ID":"1-npm-bundle-phobia-cli","Registry":"npm","PackageName":"bundle-phobia-cli","PackageOwner":"AdrieanKhisbe","Downloads":"4322","Forks":"11","Stars":"102","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"OS Command Injection","Severity":"3.2","AffectedVersionRange":"*","DisclosureDate":"2020-09-01","PrNumber":"943","Live":false,"Bounty":{"Credit":"320","Cash":"40"},"Repository":{"Name":"bundle-phobia-cli","Owner":"AdrieanKhisbe"},"FixSubmissionCount":0},{"ID":"1-npm-cache-base","Registry":"npm","PackageName":"cache-base","PackageOwner":"jonschlinkert","Downloads":"15775935","Forks":"11","Stars":"46","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1498","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"cache-base","Owner":"jonschlinkert"},"FixSubmissionCount":0},{"ID":"1-npm-casperjs","Registry":"npm","PackageName":"casperjs","PackageOwner":"casperjs","Downloads":"12633","Forks":"1053","Stars":"7311","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-05","PrNumber":"944","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"casperjs","Owner":"casperjs"},"FixSubmissionCount":0},{"ID":"1-npm-cd-messenger","Registry":"npm","PackageName":"cd-messenger","PackageOwner":"mikeerickson","Downloads":"7","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-05","PrNumber":"945","Live":false,"Bounty":{"Credit":"860","Cash":"40"},"Repository":{"Name":"cd-messenger","Owner":"mikeerickson"},"FixSubmissionCount":0},{"ID":"1-npm-cezerin","Registry":"npm","PackageName":"cezerin","PackageOwner":"cezerin","Downloads":"5","Forks":"795","Stars":"1962","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Improper Access Control","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-02-21","PrNumber":"946","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"cezerin","Owner":"cezerin"},"FixSubmissionCount":0},{"ID":"1-npm-clamscan","Registry":"npm","PackageName":"clamscan","PackageOwner":"kylefarris","Downloads":"6319","Forks":"46","Stars":"115","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"3.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"947","Live":false,"Bounty":{"Credit":"360","Cash":"40"},"Repository":{"Name":"clamscan","Owner":"kylefarris"},"FixSubmissionCount":0},{"ID":"1-npm-class-transformer","Registry":"npm","PackageName":"class-transformer","PackageOwner":"typestack","Downloads":"590223","Forks":"289","Stars":"3188","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4.2","AffectedVersionRange":"*","DisclosureDate":"2020-04-10","PrNumber":"","Live":false,"Bounty":{"Credit":"420","Cash":"40"},"Repository":{"Name":"class-transformer","Owner":"typestack"},"FixSubmissionCount":0},{"ID":"1-npm-clearance","Registry":"npm","PackageName":"clearance","PackageOwner":"thoughtbot","Downloads":"2","Forks":"449","Stars":"3362","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Timing Attack","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-02-28","PrNumber":"","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"clearance","Owner":"thoughtbot"},"FixSubmissionCount":0},{"ID":"1-npm-compass-compile","Registry":"npm","PackageName":"compass-compile","PackageOwner":"quaertym","Downloads":"129","Forks":"6","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"948","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"compass-compile","Owner":"quaertym"},"FixSubmissionCount":0},{"ID":"1-npm-conflate","Registry":"npm","PackageName":"conflate","PackageOwner":"kommander","Downloads":"4","Forks":"2","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1524","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"conflate.js","Owner":"kommander"},"FixSubmissionCount":1},{"ID":"1-npm-convict","Registry":"npm","PackageName":"convict","PackageOwner":"mozilla","Downloads":"206960","Forks":"155","Stars":"1676","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-19","PrNumber":"1232","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"node-convict","Owner":"mozilla"},"FixSubmissionCount":0},{"ID":"1-npm-cordova-serve","Registry":"npm","PackageName":"cordova-serve","PackageOwner":"apache","Downloads":"86697","Forks":"26","Stars":"11","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"7.8","AffectedVersionRange":"*","DisclosureDate":"2020-06-16","PrNumber":"949","Live":false,"Bounty":{"Credit":"780","Cash":"40"},"Repository":{"Name":"cordova-serve","Owner":"apache"},"FixSubmissionCount":0},{"ID":"1-npm-count-git-tags","Registry":"npm","PackageName":"count-git-tags","PackageOwner":"aichbauer","Downloads":"2","Forks":"4","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"950","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"node-count-git-tags","Owner":"aichbauer"},"FixSubmissionCount":0},{"ID":"1-npm-create-git","Registry":"npm","PackageName":"create-git","PackageOwner":"wesleytodd","Downloads":"55","Forks":"4","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"951","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"create-git","Owner":"wesleytodd"},"FixSubmissionCount":0},{"ID":"1-npm-curling","Registry":"npm","PackageName":"curling","PackageOwner":"hgarcia","Downloads":"189","Forks":"6","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-03-06","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"curling","Owner":"hgarcia"},"FixSubmissionCount":0},{"ID":"1-npm-curljs","Registry":"npm","PackageName":"curljs","PackageOwner":"jcrowe206","Downloads":"2","Forks":"6","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1795","Live":true,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"curljs","Owner":"jcrowe206"},"FixSubmissionCount":2},{"ID":"1-npm-curlrequest","Registry":"npm","PackageName":"curlrequest","PackageOwner":"node-js-libs","Downloads":"4028","Forks":"46","Stars":"175","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"8.8","AffectedVersionRange":"*","DisclosureDate":"2020-05-07","PrNumber":"952","Live":false,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"curlrequest","Owner":"node-js-libs"},"FixSubmissionCount":0},{"ID":"2-npm-curlrequest","Registry":"npm","PackageName":"curlrequest","PackageOwner":"node-js-libs","Downloads":"4028","Forks":"46","Stars":"175","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary File Read","Severity":"6.8","AffectedVersionRange":"*","DisclosureDate":"2020-05-07","PrNumber":"953","Live":false,"Bounty":{"Credit":"680","Cash":"40"},"Repository":{"Name":"curlrequest","Owner":"node-js-libs"},"FixSubmissionCount":0},{"ID":"1-npm-d2b","Registry":"npm","PackageName":"d2b","PackageOwner":"d2bjs","Downloads":"1179","Forks":"16","Stars":"84","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1221","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"d2b","Owner":"d2bjs"},"FixSubmissionCount":1},{"ID":"1-npm-data-store","Registry":"npm","PackageName":"data-store","PackageOwner":"jonschlinkert","Downloads":"47014","Forks":"20","Stars":"119","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1833","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"data-store","Owner":"jonschlinkert"},"FixSubmissionCount":1},{"ID":"1-npm-datatables.net","Registry":"npm","PackageName":"datatables.net","PackageOwner":"DataTables","Downloads":"281734","Forks":"22","Stars":"19","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Other","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-10-25","PrNumber":"954","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"Dist-DataTables","Owner":"DataTables"},"FixSubmissionCount":0},{"ID":"1-npm-decal","Registry":"npm","PackageName":"decal","PackageOwner":"gigafied","Downloads":"195","Forks":"8","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-05","PrNumber":"1848","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"decal.js","Owner":"gigafied"},"FixSubmissionCount":1},{"ID":"1-npm-deep-get-set","Registry":"npm","PackageName":"deep-get-set","PackageOwner":"acstll","Downloads":"2187","Forks":"10","Stars":"23","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-08","PrNumber":"955","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep-get-set","Owner":"acstll"},"FixSubmissionCount":0},{"ID":"1-npm-deep-merge-js","Registry":"npm","PackageName":"deep-merge-js","PackageOwner":"smiranton-ua","Downloads":"7","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1562","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep-merge-js","Owner":"smiranton-ua"},"FixSubmissionCount":2},{"ID":"1-npm-deep-merge-object","Registry":"npm","PackageName":"deep-merge-object","PackageOwner":"etc-tiago","Downloads":"0","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-28","PrNumber":"956","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep-merge-object","Owner":"etc-tiago"},"FixSubmissionCount":0},{"ID":"1-npm-deep-merger","Registry":"npm","PackageName":"deep-merger","PackageOwner":"gbhipolito","Downloads":"0","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1422","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep-merger","Owner":"gbhipolito"},"FixSubmissionCount":0},{"ID":"1-npm-deep-override","Registry":"npm","PackageName":"deep-override","PackageOwner":"ASaiAnudeep","Downloads":"148","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-17","PrNumber":"1398","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep-override","Owner":"ASaiAnudeep"},"FixSubmissionCount":0},{"ID":"1-npm-deeply-object-assign","Registry":"npm","PackageName":"deeply-object-assign","PackageOwner":"Babak-Gholamzadeh","Downloads":"2","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1540","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deeply-object-assign","Owner":"Babak-Gholamzadeh"},"FixSubmissionCount":1},{"ID":"1-npm-deepr","Registry":"npm","PackageName":"deepr","PackageOwner":"aaronats","Downloads":"4","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1423","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deepr","Owner":"aaronats"},"FixSubmissionCount":1},{"ID":"1-npm-deeps","Registry":"npm","PackageName":"deeps","PackageOwner":"Salakar","Downloads":"73","Forks":"11","Stars":"23","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"<=1.4.5","DisclosureDate":"2021-01-07","PrNumber":"1461","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deeps","Owner":"Salakar"},"FixSubmissionCount":1},{"ID":"1-npm-deferred-exec","Registry":"npm","PackageName":"deferred-exec","PackageOwner":"danheberden","Downloads":"8","Forks":"1","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1846","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"deferred-exec","Owner":"danheberden"},"FixSubmissionCount":""},{"ID":"1-npm-dhtmlx-gantt","Registry":"npm","PackageName":"dhtmlx-gantt","PackageOwner":"DHTMLX","Downloads":"2454","Forks":"202","Stars":"636","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1782","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"gantt","Owner":"DHTMLX"},"FixSubmissionCount":0},{"ID":"1-npm-dns-sync","Registry":"npm","PackageName":"dns-sync","PackageOwner":"skoranga","Downloads":"4957","Forks":"8","Stars":"6","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"957","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"node-dns-sync","Owner":"skoranga"},"FixSubmissionCount":0},{"ID":"1-npm-doc-path","Registry":"npm","PackageName":"doc-path","PackageOwner":"mrodrig","Downloads":"27516","Forks":"6","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-03","PrNumber":"958","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"doc-path","Owner":"mrodrig"},"FixSubmissionCount":0},{"ID":"1-npm-docgenerator","Registry":"npm","PackageName":"docgenerator","PackageOwner":"Ralt","Downloads":"3","Forks":"7","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-05","PrNumber":"1849","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"docgenerator","Owner":"Ralt"},"FixSubmissionCount":1},{"ID":"1-npm-docker-compose-remote-api","Registry":"npm","PackageName":"docker-compose-remote-api","PackageOwner":"jsrun","Downloads":"12","Forks":"5","Stars":"6","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"959","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"docker-compose-remote-api","Owner":"jsrun"},"FixSubmissionCount":0},{"ID":"1-npm-dot-dotty","Registry":"npm","PackageName":"dot-dotty","PackageOwner":"kettek","Downloads":"0","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1830","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"dot-dotty","Owner":"kettek"},"FixSubmissionCount":1},{"ID":"1-npm-dot-expand","Registry":"npm","PackageName":"dot-expand","PackageOwner":"pindlebot","Downloads":"14","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1535","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"dot-expand","Owner":"pindlebot"},"FixSubmissionCount":1},{"ID":"1-npm-dot-json","Registry":"npm","PackageName":"dot-json","PackageOwner":"maikelvl","Downloads":"41211","Forks":"5","Stars":"36","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-18","PrNumber":"1223","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"dot-json","Owner":"maikelvl"},"FixSubmissionCount":0},{"ID":"1-npm-dot-notes-js","Registry":"npm","PackageName":"dot-notes-js","PackageOwner":"whitfin","Downloads":"0","Forks":"10","Stars":"10","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-09-08","PrNumber":"960","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"dot-notes-js","Owner":"whitfin"},"FixSubmissionCount":0},{"ID":"1-npm-dot-prop-opt","Registry":"npm","PackageName":"dot-prop-opt","PackageOwner":"alexandervu","Downloads":"57","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1718","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"dot-prop-opt","Owner":"alexandervu"},"FixSubmissionCount":1},{"ID":"1-npm-dot-wild","Registry":"npm","PackageName":"dot-wild","PackageOwner":"tsuyoshiwada","Downloads":"3551","Forks":"4","Stars":"18","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1818","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"dot-wild","Owner":"tsuyoshiwada"},"FixSubmissionCount":1},{"ID":"1-npm-drag-on-drop","Registry":"npm","PackageName":"drag-on-drop","PackageOwner":"schne324","Downloads":"1417","Forks":"28","Stars":"385","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1366","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"dragon-drop","Owner":"schne324"},"FixSubmissionCount":1},{"ID":"1-npm-drive-db","Registry":"npm","PackageName":"drive-db","PackageOwner":"franciscop","Downloads":"3401","Forks":"41","Stars":"783","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"4.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1530","Live":false,"Bounty":{"Credit":"410","Cash":"40"},"Repository":{"Name":"drive-db","Owner":"franciscop"},"FixSubmissionCount":2},{"ID":"1-npm-dset","Registry":"npm","PackageName":"dset","PackageOwner":"lukeed","Downloads":"46095","Forks":"18","Stars":"643","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1495","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"dset","Owner":"lukeed"},"FixSubmissionCount":1},{"ID":"1-npm-dy-server2","Registry":"npm","PackageName":"dy-server2","PackageOwner":"RilyZhang","Downloads":"4","Forks":"1","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross Site Scripting","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1851","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"dy-server","Owner":"RilyZhang"},"FixSubmissionCount":""},{"ID":"1-npm-easy-pdf-merge","Registry":"npm","PackageName":"easy-pdf-merge","PackageOwner":"karuppiah7890","Downloads":"12651","Forks":"32","Stars":"63","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-06-13","PrNumber":"961","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"easy-pdf-merge","Owner":"karuppiah7890"},"FixSubmissionCount":0},{"ID":"1-npm-easydot","Registry":"npm","PackageName":"easydot","PackageOwner":"matsuby","Downloads":"1","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1424","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"easydot","Owner":"matsuby"},"FixSubmissionCount":1},{"ID":"1-npm-editor.md","Registry":"npm","PackageName":"editor.md","PackageOwner":"pandao","Downloads":"352","Forks":"2085","Stars":"10767","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-28","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"editor.md","Owner":"pandao"},"FixSubmissionCount":0},{"ID":"2-npm-editor.md","Registry":"npm","PackageName":"editor.md","PackageOwner":"pandao","Downloads":"352","Forks":"2085","Stars":"10767","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.4","AffectedVersionRange":"*","DisclosureDate":"2020-08-30","PrNumber":"443","Live":false,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"editor.md","Owner":"pandao"},"FixSubmissionCount":0},{"ID":"1-npm-effect","Registry":"npm","PackageName":"effect","PackageOwner":"Javascipt","Downloads":"429","Forks":"4","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"963","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"effect","Owner":"Javascipt"},"FixSubmissionCount":0},{"ID":"1-npm-ejs","Registry":"npm","PackageName":"ejs","PackageOwner":"mde","Downloads":"8681136","Forks":"573","Stars":"5220","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.1","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1768","Live":true,"Bounty":{"Credit":"410","Cash":"40"},"Repository":{"Name":"ejs","Owner":"mde"},"FixSubmissionCount":0},{"ID":"1-npm-electron-builder","Registry":"npm","PackageName":"electron-builder","PackageOwner":"electron-userland","Downloads":"186405","Forks":"1239","Stars":"10244","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Signature Validation Bypass","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-02","PrNumber":"964","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"electron-builder","Owner":"electron-userland"},"FixSubmissionCount":0},{"ID":"1-npm-enpeem","Registry":"npm","PackageName":"enpeem","PackageOwner":"balderdashy","Downloads":"253","Forks":"6","Stars":"20","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"965","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"enpeem","Owner":"balderdashy"},"FixSubmissionCount":0},{"ID":"1-npm-expand-keys","Registry":"npm","PackageName":"expand-keys","PackageOwner":"patrickleet","Downloads":"185","Forks":"4","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1427","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"expand-keys","Owner":"patrickleet"},"FixSubmissionCount":0},{"ID":"1-npm-express-brute","Registry":"npm","PackageName":"express-brute","PackageOwner":"AdamPflug","Downloads":"29208","Forks":"93","Stars":"530","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Rate Limiting Bypass","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-02-03","PrNumber":"966","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"express-brute","Owner":"AdamPflug"},"FixSubmissionCount":0},{"ID":"1-npm-express-cart","Registry":"npm","PackageName":"express-cart","PackageOwner":"mrvautin","Downloads":"7","Forks":"742","Stars":"1945","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Request Forgery (CSRF)","Severity":"5.7","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"967","Live":false,"Bounty":{"Credit":"570","Cash":"40"},"Repository":{"Name":"expressCart","Owner":"mrvautin"},"FixSubmissionCount":0},{"ID":"1-npm-express-laravel-passport","Registry":"npm","PackageName":"express-laravel-passport","PackageOwner":"EugeneNguyen","Downloads":"2","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Improper Authentication","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-13","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"express-laravel-passport","Owner":"EugeneNguyen"},"FixSubmissionCount":0},{"ID":"1-npm-extend-objects-only","Registry":"npm","PackageName":"extend-objects-only","PackageOwner":"danikaze","Downloads":"3","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1749","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"extend-objects-only","Owner":"danikaze"},"FixSubmissionCount":1},{"ID":"1-npm-extendify","Registry":"npm","PackageName":"extendify","PackageOwner":"bigShai","Downloads":"1857","Forks":"10","Stars":"20","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-26","PrNumber":"968","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"extendify","Owner":"bigShai"},"FixSubmissionCount":0},{"ID":"1-npm-extra-object","Registry":"npm","PackageName":"extra-object","PackageOwner":"nodef","Downloads":"214","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1256","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"extra-object","Owner":"nodef"},"FixSubmissionCount":0},{"ID":"1-npm-fancygrid","Registry":"npm","PackageName":"fancygrid","PackageOwner":"FancyGrid","Downloads":"497","Forks":"46","Stars":"167","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-17","PrNumber":"1219","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"FancyGrid","Owner":"FancyGrid"},"FixSubmissionCount":0},{"ID":"1-npm-fast-json-patch","Registry":"npm","PackageName":"fast-json-patch","PackageOwner":"Starcounter-Jack","Downloads":"678554","Forks":"177","Stars":"1287","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-12","PrNumber":"969","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"JSON-Patch","Owner":"Starcounter-Jack"},"FixSubmissionCount":0},{"ID":"1-npm-fast-toml","Registry":"npm","PackageName":"fast-toml","PackageOwner":"Lepzulnag","Downloads":"250","Forks":"3","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-14","PrNumber":"1378","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"fast-toml","Owner":"Lepzulnag"},"FixSubmissionCount":0},{"ID":"1-npm-ffmpeg-normalize","Registry":"npm","PackageName":"ffmpeg-normalize","PackageOwner":"peterforgacs","Downloads":"1340","Forks":"15","Stars":"17","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-15","PrNumber":"970","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"ffmpeg-normalize","Owner":"peterforgacs"},"FixSubmissionCount":0},{"ID":"1-npm-ffmpeg-sdk","Registry":"npm","PackageName":"ffmpeg-sdk","PackageOwner":"shajanjp","Downloads":"17","Forks":"1","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1842","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"ffmpeg-sdk","Owner":"shajanjp"},"FixSubmissionCount":1},{"ID":"1-npm-fileview","Registry":"npm","PackageName":"fileview","PackageOwner":"itworkcenter","Downloads":"1","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Stored Cross-site Scripting (XSS)","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-02-13","PrNumber":"","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"fileview","Owner":"itworkcenter"},"FixSubmissionCount":0},{"ID":"1-npm-fine-uploader","Registry":"npm","PackageName":"fine-uploader","PackageOwner":"FineUploader","Downloads":"21383","Forks":"1929","Stars":"8142","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4.8","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"971","Live":false,"Bounty":{"Credit":"480","Cash":"40"},"Repository":{"Name":"fine-uploader","Owner":"FineUploader"},"FixSubmissionCount":0},{"ID":"1-npm-flat","Registry":"npm","PackageName":"flat","PackageOwner":"hughsk","Downloads":"4781696","Forks":"169","Stars":"1364","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-13","PrNumber":"972","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"flat","Owner":"hughsk"},"FixSubmissionCount":0},{"ID":"1-npm-frappe-charts","Registry":"npm","PackageName":"frappe-charts","PackageOwner":"frappe","Downloads":"9037","Forks":"607","Stars":"13766","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-03","PrNumber":"973","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"charts","Owner":"frappe"},"FixSubmissionCount":0},{"ID":"2-npm-frappe-charts","Registry":"npm","PackageName":"frappe-charts","PackageOwner":"frappe","Downloads":"9037","Forks":"607","Stars":"13766","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1776","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"charts","Owner":"frappe"},"FixSubmissionCount":0},{"ID":"1-npm-frappe-datatable","Registry":"npm","PackageName":"frappe-datatable","PackageOwner":"frappe","Downloads":"2495","Forks":"91","Stars":"564","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1778","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"datatable","Owner":"frappe"},"FixSubmissionCount":1},{"ID":"1-npm-frappe-gantt","Registry":"npm","PackageName":"frappe-gantt","PackageOwner":"frappe","Downloads":"4775","Forks":"503","Stars":"2142","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1777","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"gantt","Owner":"frappe"},"FixSubmissionCount":1},{"ID":"1-npm-freediskspace","Registry":"npm","PackageName":"freediskspace","PackageOwner":"palortoff","Downloads":"3","Forks":"2","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-07","PrNumber":"1854","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"freediskspace","Owner":"palortoff"},"FixSubmissionCount":1},{"ID":"1-npm-froala-editor","Registry":"npm","PackageName":"froala-editor","PackageOwner":"froala","Downloads":"82529","Forks":"593","Stars":"4497","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CSS","VulnerabilityDescription":"Cross Site Scripting (XSS)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-04-27","PrNumber":"","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"wysiwyg-editor","Owner":"froala"},"FixSubmissionCount":0},{"ID":"1-npm-fsa","Registry":"npm","PackageName":"fsa","PackageOwner":"gregof","Downloads":"1276","Forks":"6","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"4.3","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"974","Live":false,"Bounty":{"Credit":"430","Cash":"40"},"Repository":{"Name":"fsa","Owner":"gregof"},"FixSubmissionCount":0},{"ID":"1-npm-fun-map","Registry":"npm","PackageName":"fun-map","PackageOwner":"nathan7","Downloads":"1890","Forks":"8","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4.2","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"975","Live":false,"Bounty":{"Credit":"420","Cash":"40"},"Repository":{"Name":"fun-map","Owner":"nathan7"},"FixSubmissionCount":0},{"ID":"1-npm-fusioncharts","Registry":"npm","PackageName":"fusioncharts","PackageOwner":"fusioncharts","Downloads":"13275","Forks":"43","Stars":"50","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-15","PrNumber":"1196","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"fusioncharts-dist","Owner":"fusioncharts"},"FixSubmissionCount":0},{"ID":"1-npm-gammautils","Registry":"npm","PackageName":"gammautils","PackageOwner":"gammasoft","Downloads":"237","Forks":"7","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-08","PrNumber":"976","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"utils","Owner":"gammasoft"},"FixSubmissionCount":0},{"ID":"1-npm-ganon","Registry":"npm","PackageName":"ganon","PackageOwner":"BlakeGuilloud","Downloads":"4","Forks":"217","Stars":"93","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-11","PrNumber":"1452","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"ganon","Owner":"BlakeGuilloud"},"FixSubmissionCount":1},{"ID":"1-npm-getsetdeep","Registry":"npm","PackageName":"getsetdeep","PackageOwner":"bevry","Downloads":"2649","Forks":"4","Stars":"7","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1824","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"getsetdeep","Owner":"bevry"},"FixSubmissionCount":2},{"ID":"1-npm-gify","Registry":"npm","PackageName":"gify","PackageOwner":"tj","Downloads":"639","Forks":"35","Stars":"268","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-15","PrNumber":"977","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"node-gify","Owner":"tj"},"FixSubmissionCount":0},{"ID":"1-npm-git-commit-range","Registry":"npm","PackageName":"git-commit-range","PackageOwner":"aichbauer","Downloads":"102","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"978","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"node-git-commit-range","Owner":"aichbauer"},"FixSubmissionCount":0},{"ID":"1-npm-git-lab-cli","Registry":"npm","PackageName":"git-lab-cli","PackageOwner":"vishwanatharondekar","Downloads":"199","Forks":"37","Stars":"224","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"979","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"gitlab-cli","Owner":"vishwanatharondekar"},"FixSubmissionCount":0},{"ID":"1-npm-git-lib","Registry":"npm","PackageName":"git-lib","PackageOwner":"joeyism","Downloads":"5","Forks":"4","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","PrNumber":"","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"node-git-lib","Owner":"joeyism"},"FixSubmissionCount":0},{"ID":"1-npm-git-revision-webpack-plugin","Registry":"npm","PackageName":"git-revision-webpack-plugin","PackageOwner":"pirelenito","Downloads":"135897","Forks":"43","Stars":"298","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Shell","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-04-19","PrNumber":"980","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"git-revision-webpack-plugin","Owner":"pirelenito"},"FixSubmissionCount":0},{"ID":"1-npm-git-static","Registry":"npm","PackageName":"git-static","PackageOwner":"mbostock","Downloads":"8","Forks":"20","Stars":"114","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-30","PrNumber":"981","Live":false,"Bounty":{"Credit":"460","Cash":"40"},"Repository":{"Name":"git-static","Owner":"mbostock"},"FixSubmissionCount":0},{"ID":"1-npm-git-stats","Registry":"npm","PackageName":"git-stats","PackageOwner":"IonicaBizau","Downloads":"3946","Forks":"165","Stars":"5613","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Remote Code Execution","Severity":"3.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-23","PrNumber":"982","Live":false,"Bounty":{"Credit":"350","Cash":"40"},"Repository":{"Name":"git-stats","Owner":"IonicaBizau"},"FixSubmissionCount":1},{"ID":"1-npm-git-tags-remote","Registry":"npm","PackageName":"git-tags-remote","PackageOwner":"sh0ji","Downloads":"403","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-08-06","PrNumber":"983","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"git-tags-remote","Owner":"sh0ji"},"FixSubmissionCount":0},{"ID":"1-npm-git-wrapper","Registry":"npm","PackageName":"git-wrapper","PackageOwner":"pvorb","Downloads":"195","Forks":"17","Stars":"24","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","PrNumber":"","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"node-git-wrapper","Owner":"pvorb"},"FixSubmissionCount":0},{"ID":"1-npm-gitblame","Registry":"npm","PackageName":"gitblame","PackageOwner":"xjamundx","Downloads":"8","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1840","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"gitblame","Owner":"xjamundx"},"FixSubmissionCount":1},{"ID":"1-npm-gitlabhook","Registry":"npm","PackageName":"gitlabhook","PackageOwner":"rolfn","Downloads":"3","Forks":"22","Stars":"64","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"10","AffectedVersionRange":"*","DisclosureDate":"2020-02-27","PrNumber":"","Live":false,"Bounty":{"Credit":"1000","Cash":"40"},"Repository":{"Name":"node-gitlab-hook","Owner":"rolfn"},"FixSubmissionCount":0},{"ID":"1-npm-gitlogplus","Registry":"npm","PackageName":"gitlogplus","PackageOwner":"domharrington","Downloads":"523","Forks":"41","Stars":"82","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-23","PrNumber":"984","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"node-gitlog","Owner":"domharrington"},"FixSubmissionCount":0},{"ID":"1-npm-gitwin","Registry":"npm","PackageName":"gitwin","PackageOwner":"jhaker","Downloads":"9406","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-13","PrNumber":"985","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"nodejs-gitwin","Owner":"jhaker"},"FixSubmissionCount":0},{"ID":"1-npm-grpc","Registry":"npm","PackageName":"grpc","PackageOwner":"grpc","Downloads":"757889","Forks":"357","Stars":"2730","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-15","PrNumber":"1198","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"grpc-node","Owner":"grpc"},"FixSubmissionCount":0},{"ID":"2-npm-grpc","Registry":"npm","PackageName":"grpc","PackageOwner":"grpc","Downloads":"757889","Forks":"357","Stars":"2730","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1792","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"grpc-node","Owner":"grpc"},"FixSubmissionCount":1},{"ID":"1-npm-grunt-util-property","Registry":"npm","PackageName":"grunt-util-property","PackageOwner":"mikaelkaron","Downloads":"1218","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"987","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"grunt-util-property","Owner":"mikaelkaron"},"FixSubmissionCount":0},{"ID":"1-npm-gry","Registry":"npm","PackageName":"gry","PackageOwner":"IonicaBizau","Downloads":"26673","Forks":"4","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","PrNumber":"","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"node-gry","Owner":"IonicaBizau"},"FixSubmissionCount":0},{"ID":"1-npm-gson-pointer","Registry":"npm","PackageName":"gson-pointer","PackageOwner":"sagold","Downloads":"649","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-01","PrNumber":"988","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"gson-pointer","Owner":"sagold"},"FixSubmissionCount":0},{"ID":"1-npm-gity","Registry":"npm","PackageName":"gity","PackageOwner":"stevenmiller888","Downloads":"16","Forks":"6","Stars":"44","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2019-11-05","PrNumber":"986","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"gity","Owner":"stevenmiller888"},"FixSubmissionCount":0},{"ID":"1-npm-gson-query","Registry":"npm","PackageName":"gson-query","PackageOwner":"sagold","Downloads":"671","Forks":"3","Stars":"7","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-12","PrNumber":"989","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"gson-query","Owner":"sagold"},"FixSubmissionCount":0},{"ID":"1-npm-gulp-scss-lint","Registry":"npm","PackageName":"gulp-scss-lint","PackageOwner":"juanfran","Downloads":"7945","Forks":"35","Stars":"114","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"990","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"gulp-scss-lint","Owner":"juanfran"},"FixSubmissionCount":0},{"ID":"1-npm-gulp-styledocco","Registry":"npm","PackageName":"gulp-styledocco","PackageOwner":"konitter","Downloads":"253","Forks":"7","Stars":"13","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"991","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"gulp-styledocco","Owner":"konitter"},"FixSubmissionCount":0},{"ID":"1-npm-gulp-tape","Registry":"npm","PackageName":"gulp-tape","PackageOwner":"yuanqing","Downloads":"302","Forks":"13","Stars":"14","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"992","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"gulp-tape","Owner":"yuanqing"},"FixSubmissionCount":0},{"ID":"1-npm-hapi","Registry":"npm","PackageName":"hapi","PackageOwner":"hapijs","Downloads":"140069","Forks":"1316","Stars":"13058","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal via Symbolic Link","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-05","PrNumber":"993","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"hapi","Owner":"hapijs"},"FixSubmissionCount":0},{"ID":"1-npm-harp","Registry":"npm","PackageName":"harp","PackageOwner":"sintaxi","Downloads":"1169","Forks":"369","Stars":"4916","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Unauthorised File Access","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-01","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"harp","Owner":"sintaxi"},"FixSubmissionCount":0},{"ID":"1-npm-heroku-exec-util","Registry":"npm","PackageName":"heroku-exec-util","PackageOwner":"heroku","Downloads":"12035","Forks":"6","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-13","PrNumber":"994","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"heroku-exec-util","Owner":"heroku"},"FixSubmissionCount":0},{"ID":"1-npm-hexo-admin","Registry":"npm","PackageName":"hexo-admin","PackageOwner":"jaredly","Downloads":"264","Forks":"294","Stars":"1576","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"995","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"hexo-admin","Owner":"jaredly"},"FixSubmissionCount":0},{"ID":"1-npm-hichat","Registry":"npm","PackageName":"hichat","PackageOwner":"wayou","Downloads":"0","Forks":"393","Stars":"705","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Stored Cross-site Scripting (XSS)","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-27","PrNumber":"996","Live":false,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"HiChat","Owner":"wayou"},"FixSubmissionCount":0},{"ID":"1-npm-homefront","Registry":"npm","PackageName":"homefront","PackageOwner":"SpoonX","Downloads":"231","Forks":"8","Stars":"13","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1550","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"homefront","Owner":"SpoonX"},"FixSubmissionCount":2},{"ID":"1-npm-html-pdf","Registry":"npm","PackageName":"html-pdf","PackageOwner":"marcbachmann","Downloads":"98283","Forks":"491","Stars":"3105","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary File Read","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"997","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"node-html-pdf","Owner":"marcbachmann"},"FixSubmissionCount":0},{"ID":"1-npm-html-to-text","Registry":"npm","PackageName":"html-to-text","PackageOwner":"werk85","Downloads":"395003","Forks":"187","Stars":"867","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Denial of Service (DoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-07-30","PrNumber":"998","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"node-html-to-text","Owner":"werk85"},"FixSubmissionCount":0},{"ID":"1-npm-http-server","Registry":"npm","PackageName":"http-server","PackageOwner":"http-party","Downloads":"4604169","Forks":"1191","Stars":"10311","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-05-15","PrNumber":"999","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"http-server","Owner":"http-party"},"FixSubmissionCount":0},{"ID":"1-npm-httpster","Registry":"npm","PackageName":"httpster","PackageOwner":"SimbCo","Downloads":"2653","Forks":"36","Stars":"339","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-14","PrNumber":"1000","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"httpster","Owner":"SimbCo"},"FixSubmissionCount":0},{"ID":"1-npm-ibm-gantt-chart","Registry":"npm","PackageName":"ibm-gantt-chart","PackageOwner":"IBM","Downloads":"137","Forks":"19","Stars":"48","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1790","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"gantt-chart","Owner":"IBM"},"FixSubmissionCount":0},{"ID":"1-npm-idevicekit","Registry":"npm","PackageName":"idevicekit","PackageOwner":"thebeet","Downloads":"31","Forks":"13","Stars":"27","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1001","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"idevicekit","Owner":"thebeet"},"FixSubmissionCount":0},{"ID":"1-npm-im-metadata","Registry":"npm","PackageName":"im-metadata","PackageOwner":"Turistforeningen","Downloads":"315","Forks":"14","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-03-21","PrNumber":"","Live":true,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"node-im-metadata","Owner":"Turistforeningen"},"FixSubmissionCount":1},{"ID":"1-npm-infraserver","Registry":"npm","PackageName":"infraserver","PackageOwner":"xuemen","Downloads":"1","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-09-08","PrNumber":"1002","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"infra","Owner":"xuemen"},"FixSubmissionCount":0},{"ID":"1-npm-im-resize","Registry":"npm","PackageName":"im-resize","PackageOwner":"Turistforeningen","Downloads":"339","Forks":"13","Stars":"19","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-03-27","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"node-im-resize","Owner":"Turistforeningen"},"FixSubmissionCount":0},{"ID":"1-npm-ini-parser","Registry":"npm","PackageName":"ini-parser","PackageOwner":"rawiroaisen","Downloads":"399","Forks":"9","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4.4","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1003","Live":false,"Bounty":{"Credit":"440","Cash":"40"},"Repository":{"Name":"node-ini-parser","Owner":"rawiroaisen"},"FixSubmissionCount":0},{"ID":"1-npm-iniparserjs","Registry":"npm","PackageName":"iniparserjs","PackageOwner":"tensoar","Downloads":"11","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1845","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"IniParser.js","Owner":"tensoar"},"FixSubmissionCount":1},{"ID":"1-npm-install-package","Registry":"npm","PackageName":"install-package","PackageOwner":"1000ch","Downloads":"22","Forks":"4","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1004","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"install-package","Owner":"1000ch"},"FixSubmissionCount":0},{"ID":"1-npm-ios-simulator","Registry":"npm","PackageName":"ios-simulator","PackageOwner":"macacajs","Downloads":"271","Forks":"8","Stars":"13","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-03-27","PrNumber":"","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"ios-simulator","Owner":"macacajs"},"FixSubmissionCount":0},{"ID":"1-npm-is-git-remote","Registry":"npm","PackageName":"is-git-remote","PackageOwner":"aichbauer","Downloads":"1","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","PrNumber":"","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"node-is-git-remote","Owner":"aichbauer"},"FixSubmissionCount":0},{"ID":"1-npm-jison","Registry":"npm","PackageName":"jison","PackageOwner":"zaach","Downloads":"81725","Forks":"418","Stars":"3841","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-05-04","PrNumber":"1005","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"jison","Owner":"zaach"},"FixSubmissionCount":0},{"ID":"1-npm-join-assign","Registry":"npm","PackageName":"join-assign","PackageOwner":"diogoeichert","Downloads":"68","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1700","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"join-assign","Owner":"diogoeichert"},"FixSubmissionCount":2},{"ID":"1-npm-jquery-confirm","Registry":"npm","PackageName":"jquery-confirm","PackageOwner":"craftpip","Downloads":"4471","Forks":"476","Stars":"1691","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1006","Live":false,"Bounty":{"Credit":"630","Cash":"40"},"Repository":{"Name":"jquery-confirm","Owner":"craftpip"},"FixSubmissionCount":0},{"ID":"1-npm-jquery-form","Registry":"npm","PackageName":"jquery-form","PackageOwner":"jquery-form","Downloads":"32642","Forks":"2040","Stars":"5062","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1007","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"form","Owner":"jquery-form"},"FixSubmissionCount":0},{"ID":"1-npm-js-ini","Registry":"npm","PackageName":"js-ini","PackageOwner":"Sdju","Downloads":"356","Forks":"5","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-14","PrNumber":"1368","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"js-ini","Owner":"Sdju"},"FixSubmissionCount":0},{"ID":"1-npm-js-data","Registry":"npm","PackageName":"js-data","PackageOwner":"js-data","Downloads":"9955","Forks":"137","Stars":"1579","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-11","PrNumber":"1410","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"js-data","Owner":"js-data"},"FixSubmissionCount":2},{"ID":"2-npm-js-data","Registry":"npm","PackageName":"js-data","PackageOwner":"js-data","Downloads":"9955","Forks":"137","Stars":"1579","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1794","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"js-data","Owner":"js-data"},"FixSubmissionCount":0},{"ID":"1-npm-jscover","Registry":"npm","PackageName":"jscover","PackageOwner":"fengmk2","Downloads":"361","Forks":"8","Stars":"25","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1008","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"jscover","Owner":"fengmk2"},"FixSubmissionCount":0},{"ID":"1-npm-jshint","Registry":"npm","PackageName":"jshint","PackageOwner":"jshint","Downloads":"501957","Forks":"1724","Stars":"8510","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-14","PrNumber":"1009","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"jshint","Owner":"jshint"},"FixSubmissionCount":0},{"ID":"1-npm-json-glat","Registry":"npm","PackageName":"json-glat","PackageOwner":"xiaoyifan6","Downloads":"1","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1511","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"json-glat","Owner":"xiaoyifan6"},"FixSubmissionCount":1},{"ID":"1-npm-json-merge-patch","Registry":"npm","PackageName":"json-merge-patch","PackageOwner":"pierreinglebert","Downloads":"120017","Forks":"11","Stars":"45","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-14","PrNumber":"1010","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"json-merge-patch","Owner":"pierreinglebert"},"FixSubmissionCount":0},{"ID":"1-npm-json-merge-patch-in-place","Registry":"npm","PackageName":"json-merge-patch-in-place","PackageOwner":"RonPenton","Downloads":"6","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1831","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"json-merge-patch-in-place","Owner":"RonPenton"},"FixSubmissionCount":2},{"ID":"1-npm-json-ptr","Registry":"npm","PackageName":"json-ptr","PackageOwner":"flitbit","Downloads":"287268","Forks":"26","Stars":"68","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-12","PrNumber":"1011","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"json-ptr","Owner":"flitbit"},"FixSubmissionCount":0},{"ID":"1-npm-json8-patch","Registry":"npm","PackageName":"json8-patch","PackageOwner":"sonnyp","Downloads":"686","Forks":"15","Stars":"74","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-22","PrNumber":"1012","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"JSON8","Owner":"sonnyp"},"FixSubmissionCount":0},{"ID":"1-npm-json8-pointer","Registry":"npm","PackageName":"json8-pointer","PackageOwner":"sonnyp","Downloads":"681","Forks":"15","Stars":"74","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-22","PrNumber":"1013","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"JSON8","Owner":"sonnyp"},"FixSubmissionCount":0},{"ID":"1-npm-jsonpointerx","Registry":"npm","PackageName":"jsonpointerx","PackageOwner":"gms1","Downloads":"51","Forks":"2","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1519","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"jsonpointerx","Owner":"gms1"},"FixSubmissionCount":1},{"ID":"1-npm-jsonuri","Registry":"npm","PackageName":"jsonuri","PackageOwner":"allgay","Downloads":"17","Forks":"14","Stars":"101","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1507","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"jsonuri","Owner":"allgay"},"FixSubmissionCount":1},{"ID":"1-npm-just-diff-apply","Registry":"npm","PackageName":"just-diff-apply","PackageOwner":"angus-c","Downloads":"25557","Forks":"126","Stars":"2606","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-22","PrNumber":"1014","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"just","Owner":"angus-c"},"FixSubmissionCount":0},{"ID":"1-npm-just-safe-set","Registry":"npm","PackageName":"just-safe-set","PackageOwner":"angus-c","Downloads":"10262","Forks":"126","Stars":"2606","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-23","PrNumber":"1015","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"just","Owner":"angus-c"},"FixSubmissionCount":0},{"ID":"1-npm-karma-mojo","Registry":"npm","PackageName":"karma-mojo","PackageOwner":"amireh","Downloads":"406","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"1016","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"karma-mojo","Owner":"amireh"},"FixSubmissionCount":0},{"ID":"1-npm-keypather","Registry":"npm","PackageName":"keypather","PackageOwner":"tjmehta","Downloads":"82601","Forks":"10","Stars":"51","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1506","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"keypather","Owner":"tjmehta"},"FixSubmissionCount":1},{"ID":"1-npm-kill-process-on-port","Registry":"npm","PackageName":"kill-process-on-port","PackageOwner":"radarsu","Downloads":"60","Forks":"4","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CSS","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1836","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"kill-process-on-port","Owner":"radarsu"},"FixSubmissionCount":1},{"ID":"1-npm-larvitbase-www","Registry":"npm","PackageName":"larvitbase-www","PackageOwner":"larvit","Downloads":"57","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"5.4","AffectedVersionRange":"*","DisclosureDate":"2020-02-27","PrNumber":"","Live":false,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"larvitbase-www","Owner":"larvit"},"FixSubmissionCount":0},{"ID":"1-npm-last-commit-log","Registry":"npm","PackageName":"last-commit-log","PackageOwner":"node-modules","Downloads":"2693","Forks":"8","Stars":"16","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-14","PrNumber":"1367","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"last-commit-log","Owner":"node-modules"},"FixSubmissionCount":1},{"ID":"1-npm-latinize","Registry":"npm","PackageName":"latinize","PackageOwner":"dundalek","Downloads":"35219","Forks":"29","Stars":"113","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1547","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"latinize","Owner":"dundalek"},"FixSubmissionCount":2},{"ID":"1-npm-launchpad","Registry":"npm","PackageName":"launchpad","PackageOwner":"bitovi","Downloads":"13535","Forks":"29","Stars":"46","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"7.8","AffectedVersionRange":"*","DisclosureDate":"2020-06-16","PrNumber":"1017","Live":false,"Bounty":{"Credit":"780","Cash":"40"},"Repository":{"Name":"launchpad","Owner":"bitovi"},"FixSubmissionCount":0},{"ID":"1-npm-lets-chat","Registry":"npm","PackageName":"lets-chat","PackageOwner":"sdelements","Downloads":"3","Forks":"1554","Stars":"9452","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-Site Request Forgery (CSRF)","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-18","PrNumber":"1018","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"lets-chat","Owner":"sdelements"},"FixSubmissionCount":0},{"ID":"1-npm-libnested","Registry":"npm","PackageName":"libnested","PackageOwner":"dominictarr","Downloads":"1428","Forks":"3","Stars":"7","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1496","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"libnested","Owner":"dominictarr"},"FixSubmissionCount":1},{"ID":"1-npm-licia","Registry":"npm","PackageName":"licia","PackageOwner":"liriliri","Downloads":"938","Forks":"136","Stars":"1854","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"1.25.0","DisclosureDate":"2020-09-15","PrNumber":"1020","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"licia","Owner":"liriliri"},"FixSubmissionCount":0},{"ID":"1-npm-list.js","Registry":"npm","PackageName":"list.js","PackageOwner":"javve","Downloads":"21121","Forks":"889","Stars":"10391","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"XSS","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1527","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"list.js","Owner":"javve"},"FixSubmissionCount":0},{"ID":"1-npm-limdu","Registry":"npm","PackageName":"limdu","PackageOwner":"erelsgl","Downloads":"73","Forks":"101","Stars":"1002","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1021","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"limdu","Owner":"erelsgl"},"FixSubmissionCount":0},{"ID":"1-npm-listening-processes","Registry":"npm","PackageName":"listening-processes","PackageOwner":"matthewgonzalez","Downloads":"2","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Injection","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-03-04","PrNumber":"","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"listening-processes","Owner":"matthewgonzalez"},"FixSubmissionCount":0},{"ID":"1-npm-live-server","Registry":"npm","PackageName":"live-server","PackageOwner":"tapio","Downloads":"228218","Forks":"403","Stars":"3457","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1809","Live":true,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"live-server","Owner":"tapio"},"FixSubmissionCount":1},{"ID":"1-npm-locutus","Registry":"npm","PackageName":"locutus","PackageOwner":"locutusjs","Downloads":"194397","Forks":"1155","Stars":"3475","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-10-15","PrNumber":"1022","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"locutus","Owner":"locutusjs"},"FixSubmissionCount":0},{"ID":"1-npm-logkitty","Registry":"npm","PackageName":"logkitty","PackageOwner":"zamotany","Downloads":"476373","Forks":"9","Stars":"53","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Command Injection","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-03-27","PrNumber":"","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"logkitty","Owner":"zamotany"},"FixSubmissionCount":0},{"ID":"1-npm-lsof","Registry":"npm","PackageName":"lsof","PackageOwner":"davglass","Downloads":"4128","Forks":"10","Stars":"21","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1023","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"node-lsof","Owner":"davglass"},"FixSubmissionCount":0},{"ID":"1-npm-luckysheet","Registry":"npm","PackageName":"luckysheet","PackageOwner":"mengshukeji","Downloads":"60","Forks":"754","Stars":"7283","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"XSS","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1484","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"Luckysheet","Owner":"mengshukeji"},"FixSubmissionCount":0},{"ID":"1-npm-macaca-adb","Registry":"npm","PackageName":"macaca-adb","PackageOwner":"macacajs","Downloads":"955","Forks":"15","Stars":"34","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1024","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"macaca-adb","Owner":"macacajs"},"FixSubmissionCount":0},{"ID":"1-npm-makedeb","Registry":"npm","PackageName":"makedeb","PackageOwner":"AtlasIQ","Downloads":"33","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-04-19","PrNumber":"1025","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"makedeb","Owner":"AtlasIQ"},"FixSubmissionCount":0},{"ID":"1-npm-marscode","Registry":"npm","PackageName":"marscode","PackageOwner":"moorthi07","Downloads":"2","Forks":"4","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"3.8","AffectedVersionRange":"*","DisclosureDate":"2020-09-01","PrNumber":"1026","Live":false,"Bounty":{"Credit":"380","Cash":"40"},"Repository":{"Name":"marscode","Owner":"moorthi07"},"FixSubmissionCount":0},{"ID":"1-npm-mavon-editor","Registry":"npm","PackageName":"mavon-editor","PackageOwner":"hinesboy","Downloads":"3275","Forks":"739","Stars":"4593","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Vue","VulnerabilityDescription":"Cross-Site Scripting","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-27","PrNumber":"","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"mavonEditor","Owner":"hinesboy"},"FixSubmissionCount":0},{"ID":"1-npm-merge","Registry":"npm","PackageName":"merge","PackageOwner":"yeikos","Downloads":"2128674","Forks":"31","Stars":"153","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-23","PrNumber":"1027","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"js.merge","Owner":"yeikos"},"FixSubmissionCount":0},{"ID":"1-npm-merge-change","Registry":"npm","PackageName":"merge-change","PackageOwner":"VladimirShestakov","Downloads":"244","Forks":"2","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1457","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"merge-change","Owner":"VladimirShestakov"},"FixSubmissionCount":1},{"ID":"1-npm-merge-options-es5","Registry":"npm","PackageName":"merge-options-es5","PackageOwner":"glcheetham","Downloads":"524","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1534","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"merge-options","Owner":"glcheetham"},"FixSubmissionCount":1},{"ID":"1-npm-meta-git","Registry":"npm","PackageName":"meta-git","PackageOwner":"mateodelnorte","Downloads":"714","Forks":"20","Stars":"18","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2019-11-02","PrNumber":"1028","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"meta-git","Owner":"mateodelnorte"},"FixSubmissionCount":0},{"ID":"1-npm-metascraper-helpers","Registry":"npm","PackageName":"metascraper-helpers","PackageOwner":"microlinkhq","Downloads":"0","Forks":"103","Stars":"1044","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Denial of Service","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-24","PrNumber":"1029","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"metascraper","Owner":"microlinkhq"},"FixSubmissionCount":0},{"ID":"1-npm-min-http-server","Registry":"npm","PackageName":"min-http-server","PackageOwner":"zhanyuzhang","Downloads":"4","Forks":"2","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-30","PrNumber":"1030","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"min-http-server","Owner":"zhanyuzhang"},"FixSubmissionCount":0},{"ID":"1-npm-mobiledoc-kit","Registry":"npm","PackageName":"mobiledoc-kit","PackageOwner":"bustle","Downloads":"2364","Forks":"147","Stars":"1426","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"XSS","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1486","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"mobiledoc-kit","Owner":"bustle"},"FixSubmissionCount":0},{"ID":"1-npm-mongo-parse","Registry":"npm","PackageName":"mongo-parse","PackageOwner":"fresheneesz","Downloads":"468","Forks":"21","Stars":"32","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1031","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"mongo-parse","Owner":"fresheneesz"},"FixSubmissionCount":0},{"ID":"1-npm-mongui","Registry":"npm","PackageName":"mongui","PackageOwner":"jjtortosa","Downloads":"5","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1032","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"mongui","Owner":"jjtortosa"},"FixSubmissionCount":0},{"ID":"1-npm-monitor","Registry":"npm","PackageName":"monitor","PackageOwner":"halfblood369","Downloads":"69","Forks":"5","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-03-27","PrNumber":"","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"monitor","Owner":"halfblood369"},"FixSubmissionCount":0},{"ID":"1-npm-monorepo-build","Registry":"npm","PackageName":"monorepo-build","PackageOwner":"Timer","Downloads":"1","Forks":"2","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1837","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"monorepo-contrib","Owner":"Timer"},"FixSubmissionCount":1},{"ID":"1-npm-mosc","Registry":"npm","PackageName":"mosc","PackageOwner":"4y0","Downloads":"1149","Forks":"6","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.6","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1033","Live":false,"Bounty":{"Credit":"860","Cash":"40"},"Repository":{"Name":"mosc","Owner":"4y0"},"FixSubmissionCount":0},{"ID":"1-npm-mout","Registry":"npm","PackageName":"mout","PackageOwner":"mout","Downloads":"437998","Forks":"117","Stars":"1224","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-14","PrNumber":"1395","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"mout","Owner":"mout"},"FixSubmissionCount":0},{"ID":"1-npm-mrgit","Registry":"npm","PackageName":"mrgit","PackageOwner":"cksource","Downloads":"177","Forks":"8","Stars":"36","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-09","PrNumber":"1034","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"mrgit","Owner":"cksource"},"FixSubmissionCount":0},{"ID":"1-npm-multi-ini","Registry":"npm","PackageName":"multi-ini","PackageOwner":"evangelion1204","Downloads":"2534","Forks":"8","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-14","PrNumber":"1370","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"multi-ini","Owner":"evangelion1204"},"FixSubmissionCount":0},{"ID":"1-npm-nessy","Registry":"npm","PackageName":"nessy","PackageOwner":"coderaiser","Downloads":"2834","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-23","PrNumber":"1035","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"nessy","Owner":"coderaiser"},"FixSubmissionCount":0},{"ID":"1-npm-nest-deep","Registry":"npm","PackageName":"nest-deep","PackageOwner":"borm","Downloads":"1","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1426","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"nest-deep","Owner":"borm"},"FixSubmissionCount":2},{"ID":"1-npm-nested-object-assign","Registry":"npm","PackageName":"nested-object-assign","PackageOwner":"Geta","Downloads":"275722","Forks":"3","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1691","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"NestedObjectAssign","Owner":"Geta"},"FixSubmissionCount":1},{"ID":"1-npm-nested-objects-util","Registry":"npm","PackageName":"nested-objects-util","PackageOwner":"bonnevoyager","Downloads":"13","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1425","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"nested-objects-util","Owner":"bonnevoyager"},"FixSubmissionCount":0},{"ID":"1-npm-netlify-cms-widget-markdown","Registry":"npm","PackageName":"netlify-cms-widget-markdown","PackageOwner":"netlify","Downloads":"29271","Forks":"2174","Stars":"13443","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1363","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"netlify-cms","Owner":"netlify"},"FixSubmissionCount":1},{"ID":"1-npm-node-asset-cache","Registry":"npm","PackageName":"node-asset-cache","PackageOwner":"gavinuhma","Downloads":"0","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1036","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"node-asset-cache","Owner":"gavinuhma"},"FixSubmissionCount":0},{"ID":"1-npm-node-browser","Registry":"npm","PackageName":"node-browser","PackageOwner":"imsobear","Downloads":"52","Forks":"6","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Download of Resources Without Integrity Check","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1037","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"node-browser","Owner":"imsobear"},"FixSubmissionCount":0},{"ID":"1-npm-node-df","Registry":"npm","PackageName":"node-df","PackageOwner":"adriano-di-giovanni","Downloads":"3053","Forks":"14","Stars":"13","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"8.4","AffectedVersionRange":"*","DisclosureDate":"2020-02-21","PrNumber":"","Live":false,"Bounty":{"Credit":"840","Cash":"40"},"Repository":{"Name":"node-df","Owner":"adriano-di-giovanni"},"FixSubmissionCount":0},{"ID":"1-npm-node-dig-dns","Registry":"npm","PackageName":"node-dig-dns","PackageOwner":"StephanGeorg","Downloads":"350","Forks":"12","Stars":"27","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.8","AffectedVersionRange":"*","DisclosureDate":"2020-04-02","PrNumber":"","Live":false,"Bounty":{"Credit":"780","Cash":"40"},"Repository":{"Name":"node-dig-dns","Owner":"StephanGeorg"},"FixSubmissionCount":0},{"ID":"1-npm-node-idevice","Registry":"npm","PackageName":"node-idevice","PackageOwner":"OniOni","Downloads":"73134","Forks":"11","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.2","AffectedVersionRange":"*","DisclosureDate":"2020-09-01","PrNumber":"1038","Live":false,"Bounty":{"Credit":"520","Cash":"40"},"Repository":{"Name":"node-idevice","Owner":"OniOni"},"FixSubmissionCount":0},{"ID":"1-npm-node-imagickal","Registry":"npm","PackageName":"node-imagickal","PackageOwner":"martinj","Downloads":"0","Forks":"13","Stars":"10","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1039","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"node-imagickal","Owner":"martinj"},"FixSubmissionCount":0},{"ID":"1-npm-node-import","Registry":"npm","PackageName":"node-import","PackageOwner":"mahdaen","Downloads":"70","Forks":"6","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.6","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1040","Live":false,"Bounty":{"Credit":"860","Cash":"40"},"Repository":{"Name":"node-import","Owner":"mahdaen"},"FixSubmissionCount":0},{"ID":"1-npm-libreoffice-convert","Registry":"npm","PackageName":"libreoffice-convert","PackageOwner":"elwerene","Downloads":"4250","Forks":"39","Stars":"65","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-14","PrNumber":"1019","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"libreoffice-convert","Owner":"elwerene"},"FixSubmissionCount":0},{"ID":"1-npm-node-key-sender","Registry":"npm","PackageName":"node-key-sender","PackageOwner":"garimpeiro-it","Downloads":"868","Forks":"23","Stars":"65","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1041","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"node-key-sender","Owner":"garimpeiro-it"},"FixSubmissionCount":0},{"ID":"1-npm-node-latex-pdf","Registry":"npm","PackageName":"node-latex-pdf","PackageOwner":"toolbuddy","Downloads":"4","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TeX","VulnerabilityDescription":"Command Injection","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1797","Live":true,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"node-latex-pdf","Owner":"toolbuddy"},"FixSubmissionCount":2},{"ID":"1-npm-node-pngdefry","Registry":"npm","PackageName":"node-pngdefry","PackageOwner":"forsigner","Downloads":"1","Forks":"23","Stars":"23","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C","VulnerabilityDescription":"Command Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1042","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"node-pngdefry","Owner":"forsigner"},"FixSubmissionCount":0},{"ID":"2-npm-node-pngdefry","Registry":"npm","PackageName":"node-pngdefry","PackageOwner":"forsigner","Downloads":"1","Forks":"23","Stars":"23","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"C","VulnerabilityDescription":"Buffer Overflow","Severity":"9.4","AffectedVersionRange":"*","DisclosureDate":"2020-05-15","PrNumber":"1043","Live":false,"Bounty":{"Credit":"940","Cash":"40"},"Repository":{"Name":"node-pngdefry","Owner":"forsigner"},"FixSubmissionCount":0},{"ID":"1-npm-node-prompt-here","Registry":"npm","PackageName":"node-prompt-here","PackageOwner":"s-a","Downloads":"1","Forks":"5","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1044","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"node-prompt-here","Owner":"s-a"},"FixSubmissionCount":0},{"ID":"1-npm-node-rpm-builder","Registry":"npm","PackageName":"node-rpm-builder","PackageOwner":"rictorres","Downloads":"0","Forks":"15","Stars":"20","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1045","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"node-rpm-builder","Owner":"rictorres"},"FixSubmissionCount":0},{"ID":"1-npm-node-rsync","Registry":"npm","PackageName":"node-rsync","PackageOwner":"mattijs","Downloads":"13","Forks":"59","Stars":"256","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Code Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1046","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"node-rsync","Owner":"mattijs"},"FixSubmissionCount":0},{"ID":"1-npm-node-scp","Registry":"npm","PackageName":"node-scp","PackageOwner":"ecto","Downloads":"925","Forks":"26","Stars":"73","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Code Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1047","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"node-scp","Owner":"ecto"},"FixSubmissionCount":0},{"ID":"1-npm-node-svn-ultimate","Registry":"npm","PackageName":"node-svn-ultimate","PackageOwner":"peteward44","Downloads":"836","Forks":"20","Stars":"46","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"1048","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"node-svn-ultimate","Owner":"peteward44"},"FixSubmissionCount":0},{"ID":"1-npm-node-tool-utils","Registry":"npm","PackageName":"node-tool-utils","PackageOwner":"easy-team","Downloads":"241","Forks":"2","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"1049","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"node-tool-utils","Owner":"easy-team"},"FixSubmissionCount":0},{"ID":"1-npm-node-unrar","Registry":"npm","PackageName":"node-unrar","PackageOwner":"scopsy","Downloads":"33","Forks":"8","Stars":"6","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-02","PrNumber":"","Live":false,"Bounty":{"Credit":"630","Cash":"40"},"Repository":{"Name":"node-unrar","Owner":"scopsy"},"FixSubmissionCount":0},{"ID":"1-npm-node-wkhtmltopdf","Registry":"npm","PackageName":"node-wkhtmltopdf","PackageOwner":"francisdaigle","Downloads":"96","Forks":"10","Stars":"11","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-04-18","PrNumber":"1050","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"node-wkhtmltopdf","Owner":"francisdaigle"},"FixSubmissionCount":0},{"ID":"1-npm-npm-git-publish","Registry":"npm","PackageName":"npm-git-publish","PackageOwner":"theoy","Downloads":"66","Forks":"12","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2019-11-05","PrNumber":"1051","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"npm-git-publish","Owner":"theoy"},"FixSubmissionCount":0},{"ID":"1-npm-npm-programmatic","Registry":"npm","PackageName":"npm-programmatic","PackageOwner":"Manak","Downloads":"7868","Forks":"28","Stars":"91","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1052","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"npm-programmatic","Owner":"Manak"},"FixSubmissionCount":0},{"ID":"1-npm-npos-tesseract","Registry":"npm","PackageName":"npos-tesseract","PackageOwner":"taoyuan","Downloads":"4","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1843","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"npos-ocr","Owner":"taoyuan"},"FixSubmissionCount":1},{"ID":"1-npm-ntesseract","Registry":"npm","PackageName":"ntesseract","PackageOwner":"taoyuan","Downloads":"4","Forks":"1","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1841","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"ntesseract","Owner":"taoyuan"},"FixSubmissionCount":1},{"ID":"1-npm-nw-with-arm","Registry":"npm","PackageName":"nw-with-arm","PackageOwner":"toni89","Downloads":"1","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1053","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"nw-with-arm","Owner":"toni89"},"FixSubmissionCount":0},{"ID":"1-npm-obj-def","Registry":"npm","PackageName":"obj-def","PackageOwner":"IonicaBizau","Downloads":"79730","Forks":"2","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-04","PrNumber":"1404","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"obj-def","Owner":"IonicaBizau"},"FixSubmissionCount":0},{"ID":"1-npm-obj-helpers","Registry":"npm","PackageName":"obj-helpers","PackageOwner":"alzalabany","Downloads":"4","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1746","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"obj-helper","Owner":"alzalabany"},"FixSubmissionCount":1},{"ID":"1-npm-obj-keypath","Registry":"npm","PackageName":"obj-keypath","PackageOwner":"sethvincent","Downloads":"65","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-01","PrNumber":"1819","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"obj-keypath","Owner":"sethvincent"},"FixSubmissionCount":1},{"ID":"1-npm-obj-resolve","Registry":"npm","PackageName":"obj-resolve","PackageOwner":"alanning","Downloads":"5","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-12","PrNumber":"1556","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"node-obj-resolve","Owner":"alanning"},"FixSubmissionCount":2},{"ID":"1-npm-obj-unflatten","Registry":"npm","PackageName":"obj-unflatten","PackageOwner":"IonicaBizau","Downloads":"142","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"<=1.0.9","DisclosureDate":"2020-12-17","PrNumber":"1407","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"obj-unflatten","Owner":"IonicaBizau"},"FixSubmissionCount":0},{"ID":"1-npm-object-accessor","Registry":"npm","PackageName":"object-accessor","PackageOwner":"khrome","Downloads":"3","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1558","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-accessor","Owner":"khrome"},"FixSubmissionCount":2},{"ID":"1-npm-object-agent","Registry":"npm","PackageName":"object-agent","PackageOwner":"DarrenPaulWright","Downloads":"18","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-04","PrNumber":"1439","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-agent","Owner":"DarrenPaulWright"},"FixSubmissionCount":1},{"ID":"1-npm-object-auger","Registry":"npm","PackageName":"object-auger","PackageOwner":"hutsoninc","Downloads":"3","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1834","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"object-auger","Owner":"hutsoninc"},"FixSubmissionCount":1},{"ID":"1-npm-object-breacher","Registry":"npm","PackageName":"object-breacher","PackageOwner":"A-Maged","Downloads":"17","Forks":"2","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1698","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-breacher","Owner":"A-Maged"},"FixSubmissionCount":1},{"ID":"1-npm-object-deep-key","Registry":"npm","PackageName":"object-deep-key","PackageOwner":"danieldelcore","Downloads":"10","Forks":"2","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1563","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-deep-key","Owner":"danieldelcore"},"FixSubmissionCount":0},{"ID":"1-npm-object-dot","Registry":"npm","PackageName":"object-dot","PackageOwner":"jusx","Downloads":"130","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1437","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-dot","Owner":"jusx"},"FixSubmissionCount":1},{"ID":"1-npm-object-path","Registry":"npm","PackageName":"object-path","PackageOwner":"mariocasciaro","Downloads":"3916425","Forks":"83","Stars":"912","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-14","PrNumber":"1054","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-path","Owner":"mariocasciaro"},"FixSubmissionCount":0},{"ID":"1-npm-object-traverse","Registry":"npm","PackageName":"object-traverse","PackageOwner":"wmira","Downloads":"8","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1863","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"object-traverse","Owner":"wmira"},"FixSubmissionCount":2},{"ID":"1-npm-objer","Registry":"npm","PackageName":"objer","PackageOwner":"wizebin","Downloads":"17","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-12","PrNumber":"1559","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"objer","Owner":"wizebin"},"FixSubmissionCount":1},{"ID":"1-npm-object-traversed","Registry":"npm","PackageName":"object-traversed","PackageOwner":"Chantouch","Downloads":"8","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1862","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"object-traversed","Owner":"Chantouch"},"FixSubmissionCount":2},{"ID":"1-npm-objnest","Registry":"npm","PackageName":"objnest","PackageOwner":"okunishinishi","Downloads":"5011","Forks":"3","Stars":"6","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-30","PrNumber":"1055","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"node-objnest","Owner":"okunishinishi"},"FixSubmissionCount":0},{"ID":"1-npm-objtools","Registry":"npm","PackageName":"objtools","PackageOwner":"zipscene","Downloads":"19","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-19","PrNumber":"1416","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"objtools","Owner":"zipscene"},"FixSubmissionCount":0},{"ID":"1-npm-objwun","Registry":"npm","PackageName":"objwun","PackageOwner":"fedeghe","Downloads":"1","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-27","PrNumber":"1693","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"objwun","Owner":"fedeghe"},"FixSubmissionCount":1},{"ID":"1-npm-objutil","Registry":"npm","PackageName":"objutil","PackageOwner":"futurist","Downloads":"12","Forks":"4","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-21","PrNumber":"1056","Live":false,"Bounty":{"Credit":"420","Cash":"40"},"Repository":{"Name":"objutil","Owner":"futurist"},"FixSubmissionCount":0},{"ID":"1-npm-office-converter","Registry":"npm","PackageName":"office-converter","PackageOwner":"vworld4u","Downloads":"394","Forks":"7","Stars":"34","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-14","PrNumber":"1057","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"office-converter","Owner":"vworld4u"},"FixSubmissionCount":0},{"ID":"1-npm-op-browser","Registry":"npm","PackageName":"op-browser","PackageOwner":"zdying","Downloads":"500","Forks":"3","Stars":"8","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1058","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"open-browser","Owner":"zdying"},"FixSubmissionCount":0},{"ID":"1-npm-openframe-image","Registry":"npm","PackageName":"openframe-image","PackageOwner":"OpenframeProject","Downloads":"15","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1059","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"Openframe-Image","Owner":"OpenframeProject"},"FixSubmissionCount":0},{"ID":"1-npm-options-defaults","Registry":"npm","PackageName":"options-defaults","PackageOwner":"radarsu","Downloads":"113","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-19","PrNumber":"1231","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"options-defaults","Owner":"radarsu"},"FixSubmissionCount":0},{"ID":"1-npm-path-toolkit","Registry":"npm","PackageName":"path-toolkit","PackageOwner":"frenchroasted","Downloads":"3","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1428","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"path-toolkit","Owner":"frenchroasted"},"FixSubmissionCount":2},{"ID":"1-npm-paypal-adaptive","Registry":"npm","PackageName":"paypal-adaptive","PackageOwner":"Ideame","Downloads":"1779","Forks":"34","Stars":"75","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4.2","AffectedVersionRange":"*","DisclosureDate":"2020-04-17","PrNumber":"","Live":false,"Bounty":{"Credit":"420","Cash":"40"},"Repository":{"Name":"paypal-adaptive-sdk-nodejs","Owner":"Ideame"},"FixSubmissionCount":0},{"ID":"1-npm-pdf-image","Registry":"npm","PackageName":"pdf-image","PackageOwner":"mooz","Downloads":"5869","Forks":"79","Stars":"211","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-03-04","PrNumber":"","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"node-pdf-image","Owner":"mooz"},"FixSubmissionCount":0},{"ID":"1-npm-pdf-merge","Registry":"npm","PackageName":"pdf-merge","PackageOwner":"wubzz","Downloads":"6455","Forks":"31","Stars":"114","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-06-13","PrNumber":"1060","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"pdf-merge","Owner":"wubzz"},"FixSubmissionCount":0},{"ID":"1-npm-pdf-toolz","Registry":"npm","PackageName":"pdf-toolz","PackageOwner":"Rapidfacture","Downloads":"49","Forks":"8","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-04-19","PrNumber":"1061","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"pdf-toolz","Owner":"Rapidfacture"},"FixSubmissionCount":0},{"ID":"1-npm-php-unserialize","Registry":"npm","PackageName":"php-unserialize","PackageOwner":"naholyr","Downloads":"4437","Forks":"60","Stars":"113","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Denial of Service (DoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-21","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"js-php-unserialize","Owner":"naholyr"},"FixSubmissionCount":0},{"ID":"1-npm-phpjs","Registry":"npm","PackageName":"phpjs","PackageOwner":"kvz","Downloads":"2190","Forks":"1155","Stars":"3475","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-20","PrNumber":"1062","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"locutus","Owner":"kvz"},"FixSubmissionCount":0},{"ID":"1-npm-plain-object-merge","Registry":"npm","PackageName":"plain-object-merge","PackageOwner":"fabiospampinato","Downloads":"101","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1801","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"plain-object-merge","Owner":"fabiospampinato"},"FixSubmissionCount":2},{"ID":"1-npm-pm2","Registry":"npm","PackageName":"pm2","PackageOwner":"Unitech","Downloads":"805811","Forks":"2271","Stars":"34168","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-02-01","PrNumber":"","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"pm2","Owner":"Unitech"},"FixSubmissionCount":0},{"ID":"1-npm-properties-reader","Registry":"npm","PackageName":"properties-reader","PackageOwner":"steveukx","Downloads":"69939","Forks":"30","Stars":"62","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-14","PrNumber":"1369","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"properties","Owner":"steveukx"},"FixSubmissionCount":0},{"ID":"1-npm-propperties","Registry":"npm","PackageName":"propperties","PackageOwner":"gk803","Downloads":"6","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1827","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"propperties","Owner":"gk803"},"FixSubmissionCount":1},{"ID":"1-npm-propperty","Registry":"npm","PackageName":"propperty","PackageOwner":"gk803","Downloads":"2","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1826","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"propperty","Owner":"gk803"},"FixSubmissionCount":3},{"ID":"1-npm-qhash","Registry":"npm","PackageName":"qhash","PackageOwner":"andrasq","Downloads":"89","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1701","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"node-qhash","Owner":"andrasq"},"FixSubmissionCount":2},{"ID":"1-npm-quickserver","Registry":"npm","PackageName":"quickserver","PackageOwner":"Torthu","Downloads":"1","Forks":"5","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1063","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"quickserver","Owner":"Torthu"},"FixSubmissionCount":0},{"ID":"1-npm-r-chart","Registry":"npm","PackageName":"r-chart","PackageOwner":"mohammadFeiz","Downloads":"253","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1385","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"r-chart","Owner":"mohammadFeiz"},"FixSubmissionCount":1},{"ID":"1-npm-rails-session-decoder","Registry":"npm","PackageName":"rails-session-decoder","PackageOwner":"smirzaei","Downloads":"1084","Forks":"12","Stars":"17","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Information Exposure","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1064","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"rails-session-decoder","Owner":"smirzaei"},"FixSubmissionCount":0},{"ID":"1-npm-rdf-graph-array","Registry":"npm","PackageName":"rdf-graph-array","PackageOwner":"rdf-ext","Downloads":"65","Forks":"7","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1065","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"rdf-graph-array","Owner":"rdf-ext"},"FixSubmissionCount":0},{"ID":"1-npm-react-frappe-charts","Registry":"npm","PackageName":"react-frappe-charts","PackageOwner":"sheshbabu","Downloads":"1004","Forks":"17","Stars":"52","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1235","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"react-frappe-charts","Owner":"sheshbabu"},"FixSubmissionCount":1},{"ID":"1-npm-redis-srvr","Registry":"npm","PackageName":"redis-srvr","PackageOwner":"lennym","Downloads":"1","Forks":"5","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1066","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"redis-srvr","Owner":"lennym"},"FixSubmissionCount":0},{"ID":"1-npm-reecerver","Registry":"npm","PackageName":"reecerver","PackageOwner":"kevinjreece","Downloads":"1","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1067","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"reecerver","Owner":"kevinjreece"},"FixSubmissionCount":0},{"ID":"1-npm-resourcehacker","Registry":"npm","PackageName":"resourcehacker","PackageOwner":"felicienfrancois","Downloads":"2","Forks":"10","Stars":"22","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"5.0","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1068","Live":false,"Bounty":{"Credit":"500","Cash":"40"},"Repository":{"Name":"node-resourcehacker","Owner":"felicienfrancois"},"FixSubmissionCount":0},{"ID":"1-npm-restql","Registry":"npm","PackageName":"restql","PackageOwner":"adjesusds","Downloads":"5","Forks":"5","Stars":"16","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-24","PrNumber":"1069","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"restql","Owner":"adjesusds"},"FixSubmissionCount":0},{"ID":"1-npm-rfc6902","Registry":"npm","PackageName":"rfc6902","PackageOwner":"chbrown","Downloads":"155962","Forks":"31","Stars":"202","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-18","PrNumber":"1222","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"rfc6902","Owner":"chbrown"},"FixSubmissionCount":0},{"ID":"1-npm-rfc6902-ordered","Registry":"npm","PackageName":"rfc6902-ordered","PackageOwner":"kellyselden","Downloads":"11555","Forks":"2","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1520","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"rfc6902-ordered","Owner":"kellyselden"},"FixSubmissionCount":1},{"ID":"1-npm-ritp","Registry":"npm","PackageName":"ritp","PackageOwner":"ncuzp","Downloads":"1","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1070","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"ritp","Owner":"ncuzp"},"FixSubmissionCount":0},{"ID":"1-npm-rpi","Registry":"npm","PackageName":"rpi","PackageOwner":"xseignard","Downloads":"3","Forks":"4","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1071","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"rpi","Owner":"xseignard"},"FixSubmissionCount":0},{"ID":"1-npm-rsyncwrapper","Registry":"npm","PackageName":"rsyncwrapper","PackageOwner":"jedrichards","Downloads":"2925","Forks":"44","Stars":"118","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-04-21","PrNumber":"1072","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"rsyncwrapper","Owner":"jedrichards"},"FixSubmissionCount":0},{"ID":"1-npm-s3-kilatstorage","Registry":"npm","PackageName":"s3-kilatstorage","PackageOwner":"KodepandaID","Downloads":"3","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2021-01-27","PrNumber":"1796","Live":true,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"KilatStorages3","Owner":"KodepandaID"},"FixSubmissionCount":2},{"ID":"1-npm-sabu","Registry":"npm","PackageName":"sabu","PackageOwner":"wesleybliss","Downloads":"1","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1073","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"sabu","Owner":"wesleybliss"},"FixSubmissionCount":0},{"ID":"1-npm-safe-flat","Registry":"npm","PackageName":"safe-flat","PackageOwner":"jessie-codes","Downloads":"402","Forks":"8","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-30","PrNumber":"1074","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"safe-flat","Owner":"jessie-codes"},"FixSubmissionCount":0},{"ID":"1-npm-safe-obj","Registry":"npm","PackageName":"safe-obj","PackageOwner":"tandrewnichols","Downloads":"500","Forks":"1","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1814","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"safe-obj","Owner":"tandrewnichols"},"FixSubmissionCount":4},{"ID":"1-npm-safe-object2","Registry":"npm","PackageName":"safe-object2","PackageOwner":"jiameng123","Downloads":"9","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-08","PrNumber":"1075","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"safe-object","Owner":"jiameng123"},"FixSubmissionCount":0},{"ID":"1-npm-safer-eval","Registry":"npm","PackageName":"safer-eval","PackageOwner":"commenthol","Downloads":"24573","Forks":"17","Stars":"19","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"9.9","AffectedVersionRange":"*","DisclosureDate":"2020-02-21","PrNumber":"1076","Live":false,"Bounty":{"Credit":"990","Cash":"40"},"Repository":{"Name":"safer-eval","Owner":"commenthol"},"FixSubmissionCount":0},{"ID":"1-npm-safetydance","Registry":"npm","PackageName":"safetydance","PackageOwner":"gramakri","Downloads":"339","Forks":"4","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-16","PrNumber":"1077","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"safetydance","Owner":"gramakri"},"FixSubmissionCount":0},{"ID":"1-npm-scala-bin","Registry":"npm","PackageName":"scala-bin","PackageOwner":"k-kinzal","Downloads":"1","Forks":"4","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"5.0","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1078","Live":false,"Bounty":{"Credit":"500","Cash":"40"},"Repository":{"Name":"scala-bin","Owner":"k-kinzal"},"FixSubmissionCount":0},{"ID":"1-npm-scalajs-standalone-bin","Registry":"npm","PackageName":"scalajs-standalone-bin","PackageOwner":"k-kinzal","Downloads":"1","Forks":"3","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1079","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"scalajs-standalone-bin","Owner":"k-kinzal"},"FixSubmissionCount":0},{"ID":"1-npm-sceditor","Registry":"npm","PackageName":"sceditor","PackageOwner":"samclarke","Downloads":"364","Forks":"164","Stars":"486","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-02-21","PrNumber":"","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"SCEditor","Owner":"samclarke"},"FixSubmissionCount":0},{"ID":"1-npm-sds","Registry":"npm","PackageName":"sds","PackageOwner":"monsterkodi","Downloads":"32","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CoffeeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"4","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1080","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"sds","Owner":"monsterkodi"},"FixSubmissionCount":0},{"ID":"1-npm-secure-servedir","Registry":"npm","PackageName":"secure-servedir","PackageOwner":"evanw","Downloads":"2","Forks":"2","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1081","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"servedir","Owner":"evanw"},"FixSubmissionCount":0},{"ID":"1-npm-selenium-binaries","Registry":"npm","PackageName":"selenium-binaries","PackageOwner":"spunjs","Downloads":"51","Forks":"15","Stars":"10","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1082","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"selenium-binaries","Owner":"spunjs"},"FixSubmissionCount":0},{"ID":"1-npm-selenium-wrapper","Registry":"npm","PackageName":"selenium-wrapper","PackageOwner":"arian","Downloads":"1","Forks":"5","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"5.0","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1083","Live":false,"Bounty":{"Credit":"500","Cash":"40"},"Repository":{"Name":"selenium-wrapper","Owner":"arian"},"FixSubmissionCount":0},{"ID":"1-npm-serial-number","Registry":"npm","PackageName":"serial-number","PackageOwner":"es128","Downloads":"1210","Forks":"18","Stars":"35","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1084","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"serial-number","Owner":"es128"},"FixSubmissionCount":0},{"ID":"1-npm-server-static","Registry":"npm","PackageName":"server-static","PackageOwner":"rwson","Downloads":"278","Forks":"5","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1085","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"server-static","Owner":"rwson"},"FixSubmissionCount":0},{"ID":"1-npm-set-each","Registry":"npm","PackageName":"set-each","PackageOwner":"natqe","Downloads":"3","Forks":"2","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-02","PrNumber":"1825","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"utilizes","Owner":"natqe"},"FixSubmissionCount":1},{"ID":"1-npm-set-object-value","Registry":"npm","PackageName":"set-object-value","PackageOwner":"react-atomic","Downloads":"25","Forks":"4","Stars":"7","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1497","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"react-atomic-organism","Owner":"react-atomic"},"FixSubmissionCount":1},{"ID":"1-npm-set-or-get","Registry":"npm","PackageName":"set-or-get","PackageOwner":"IonicaBizau","Downloads":"351","Forks":"2","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-17","PrNumber":"1397","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"set-or-get.js","Owner":"IonicaBizau"},"FixSubmissionCount":0},{"ID":"1-npm-sfml","Registry":"npm","PackageName":"sfml","PackageOwner":"bmeck","Downloads":"64","Forks":"9","Stars":"24","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1086","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"node-sfml","Owner":"bmeck"},"FixSubmissionCount":0},{"ID":"1-npm-sgt-fields","Registry":"npm","PackageName":"sgt-fields","PackageOwner":"rodrigocmoreira","Downloads":"8","Forks":"4","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1429","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"sgt-fields","Owner":"rodrigocmoreira"},"FixSubmissionCount":0},{"ID":"1-npm-shvl","Registry":"npm","PackageName":"shvl","PackageOwner":"robinvdvleuten","Downloads":"128039","Forks":"9","Stars":"59","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1548","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"shvl","Owner":"robinvdvleuten"},"FixSubmissionCount":0},{"ID":"1-npm-simple-crypto-js","Registry":"npm","PackageName":"simple-crypto-js","PackageOwner":"danang-id","Downloads":"7707","Forks":"24","Stars":"70","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Insecure Cryptography Algorithm","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-03-13","PrNumber":"","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"simple-crypto-js","Owner":"danang-id"},"FixSubmissionCount":0},{"ID":"1-npm-simple-deep-assign","Registry":"npm","PackageName":"simple-deep-assign","PackageOwner":"ygoto3","Downloads":"16","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1522","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"simple-deep-assign","Owner":"ygoto3"},"FixSubmissionCount":1},{"ID":"1-npm-simple-open-url","Registry":"npm","PackageName":"simple-open-url","PackageOwner":"codinggirl","Downloads":"295","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Code Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-08","PrNumber":"1087","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"simple-open-url","Owner":"codinggirl"},"FixSubmissionCount":0},{"ID":"1-npm-smart-extend","Registry":"npm","PackageName":"smart-extend","PackageOwner":"danielkalen","Downloads":"176","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CoffeeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-03","PrNumber":"1088","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"smart-extend","Owner":"danielkalen"},"FixSubmissionCount":0},{"ID":"1-npm-snekserve","Registry":"npm","PackageName":"snekserve","PackageOwner":"lap00zza","Downloads":"1","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Stored Cross-site Scripting (XSS)","Severity":"4.3","AffectedVersionRange":"*","DisclosureDate":"2019-09-14","PrNumber":"1089","Live":false,"Bounty":{"Credit":"430","Cash":"40"},"Repository":{"Name":"Snek-Serve","Owner":"lap00zza"},"FixSubmissionCount":0},{"ID":"1-npm-sonar-wrapper","Registry":"npm","PackageName":"sonar-wrapper","PackageOwner":"llooiicc","Downloads":"2","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1839","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"sonar-wrapper","Owner":"llooiicc"},"FixSubmissionCount":1},{"ID":"1-npm-squel","Registry":"npm","PackageName":"squel","PackageOwner":"hiddentao","Downloads":"35124","Forks":"229","Stars":"1537","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CoffeeScript","VulnerabilityDescription":"SQL Injection","Severity":"6.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1090","Live":false,"Bounty":{"Credit":"630","Cash":"40"},"Repository":{"Name":"squel","Owner":"hiddentao"},"FixSubmissionCount":0},{"ID":"1-npm-static-eval","Registry":"npm","PackageName":"static-eval","PackageOwner":"browserify","Downloads":"1489846","Forks":"24","Stars":"146","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2021-02-13","PrNumber":"1883","Live":true,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"static-eval","Owner":"browserify"},"FixSubmissionCount":""},{"ID":"1-npm-strider-git","Registry":"npm","PackageName":"strider-git","PackageOwner":"Strider-CD","Downloads":"55","Forks":"19","Stars":"12","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"7.8","AffectedVersionRange":"*","DisclosureDate":"2020-06-16","PrNumber":"1091","Live":false,"Bounty":{"Credit":"780","Cash":"40"},"Repository":{"Name":"strider-git","Owner":"Strider-CD"},"FixSubmissionCount":0},{"ID":"1-npm-strong-build","Registry":"npm","PackageName":"strong-build","PackageOwner":"strongloop","Downloads":"879","Forks":"13","Stars":"46","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-18","PrNumber":"1092","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"strong-build","Owner":"strongloop"},"FixSubmissionCount":0},{"ID":"1-npm-summernote","Registry":"npm","PackageName":"summernote","PackageOwner":"summernote","Downloads":"58930","Forks":"2115","Stars":"10055","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"4.3","AffectedVersionRange":"*","DisclosureDate":"2020-05-20","PrNumber":"1093","Live":false,"Bounty":{"Credit":"430","Cash":"40"},"Repository":{"Name":"summernote","Owner":"summernote"},"FixSubmissionCount":0},{"ID":"1-npm-superstatic","Registry":"npm","PackageName":"superstatic","PackageOwner":"firebase","Downloads":"313054","Forks":"87","Stars":"1012","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-07","PrNumber":"1094","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"superstatic","Owner":"firebase"},"FixSubmissionCount":0},{"ID":"2-npm-superstatic","Registry":"npm","PackageName":"superstatic","PackageOwner":"firebase","Downloads":"313054","Forks":"87","Stars":"1012","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Path Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-29","PrNumber":"1095","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"superstatic","Owner":"firebase"},"FixSubmissionCount":0},{"ID":"1-npm-svg2png","Registry":"npm","PackageName":"svg2png","PackageOwner":"domenic","Downloads":"35843","Forks":"137","Stars":"527","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross Site Scripting (XSS)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-04-27","PrNumber":"","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"svg2png","Owner":"domenic"},"FixSubmissionCount":0},{"ID":"1-npm-svn","Registry":"npm","PackageName":"svn","PackageOwner":"courajs","Downloads":"82","Forks":"7","Stars":"6","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"1096","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"node-svn","Owner":"courajs"},"FixSubmissionCount":0},{"ID":"1-npm-sync-exec","Registry":"npm","PackageName":"sync-exec","PackageOwner":"gvarsanyi","Downloads":"86623","Forks":"15","Stars":"37","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CoffeeScript","VulnerabilityDescription":"Insecure Temporary File","Severity":"4","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1097","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"sync-exec","Owner":"gvarsanyi"},"FixSubmissionCount":0},{"ID":"1-npm-systeminformation","Registry":"npm","PackageName":"systeminformation","PackageOwner":"sebhildebrandt","Downloads":"797553","Forks":"188","Stars":"1439","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Denial of Service","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1865","Live":true,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"systeminformation","Owner":"sebhildebrandt"},"FixSubmissionCount":1},{"ID":"2-npm-systeminformation","Registry":"npm","PackageName":"systeminformation","PackageOwner":"sebhildebrandt","Downloads":"797553","Forks":"188","Stars":"1439","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"8.8","AffectedVersionRange":"*","DisclosureDate":"2021-02-12","PrNumber":"1878","Live":true,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"systeminformation","Owner":"sebhildebrandt"},"FixSubmissionCount":0},{"ID":"1-npm-tagged-git-commits","Registry":"npm","PackageName":"tagged-git-commits","PackageOwner":"aichbauer","Downloads":"1","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"1098","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"node-tagged-git-commits","Owner":"aichbauer"},"FixSubmissionCount":0},{"ID":"1-npm-timespan","Registry":"npm","PackageName":"timespan","PackageOwner":"indexzero","Downloads":"198881","Forks":"9","Stars":"26","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-06","PrNumber":"1099","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"TimeSpan.js","Owner":"indexzero"},"FixSubmissionCount":0},{"ID":"1-npm-total.js","Registry":"npm","PackageName":"total.js","PackageOwner":"totaljs","Downloads":"1328","Forks":"453","Stars":"4109","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1844","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"framework","Owner":"totaljs"},"FixSubmissionCount":1},{"ID":"1-npm-tree-kit","Registry":"npm","PackageName":"tree-kit","PackageOwner":"cronvel","Downloads":"27979","Forks":"5","Stars":"23","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1786","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"tree-kit","Owner":"cronvel"},"FixSubmissionCount":1},{"ID":"1-npm-ts-nodash","Registry":"npm","PackageName":"ts-nodash","PackageOwner":"BadOPCode","Downloads":"2","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1421","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"NoDash","Owner":"BadOPCode"},"FixSubmissionCount":0},{"ID":"1-npm-ts-options-defaults","Registry":"npm","PackageName":"ts-options-defaults","PackageOwner":"radarsu","Downloads":"1","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1269","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"options-defaults","Owner":"radarsu"},"FixSubmissionCount":0},{"ID":"1-npm-unbox","Registry":"npm","PackageName":"unbox","PackageOwner":"KoryNunn","Downloads":"164","Forks":"6","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1456","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"unbox","Owner":"KoryNunn"},"FixSubmissionCount":2},{"ID":"1-npm-unicorn-list","Registry":"npm","PackageName":"unicorn-list","PackageOwner":"vannio","Downloads":"1","Forks":"4","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1100","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"unicorn-framework","Owner":"vannio"},"FixSubmissionCount":0},{"ID":"1-npm-url-regexp","Registry":"npm","PackageName":"url-regexp","PackageOwner":"gajus","Downloads":"28138","Forks":"4","Stars":"7","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-24","PrNumber":"1101","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"url-regexp","Owner":"gajus"},"FixSubmissionCount":0},{"ID":"1-npm-urlregex","Registry":"npm","PackageName":"urlregex","PackageOwner":"nescalante","Downloads":"1245","Forks":"9","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-06-24","PrNumber":"1102","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"urlregex","Owner":"nescalante"},"FixSubmissionCount":0},{"ID":"1-npm-useragent","Registry":"npm","PackageName":"useragent","PackageOwner":"3rd-Eden","Downloads":"1351942","Forks":"120","Stars":"841","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Regular Expression Denial of Service (ReDoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-23","PrNumber":"1103","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"useragent","Owner":"3rd-Eden"},"FixSubmissionCount":0},{"ID":"1-npm-utilizes.set","Registry":"npm","PackageName":"utilizes.set","PackageOwner":"natqe","Downloads":"1","Forks":"2","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1835","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"utilizes","Owner":"natqe"},"FixSubmissionCount":""},{"ID":"1-npm-v-charts","Registry":"npm","PackageName":"v-charts","PackageOwner":"ElemeFE","Downloads":"2915","Forks":"1047","Stars":"6277","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-04","PrNumber":"1386","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"v-charts","Owner":"ElemeFE"},"FixSubmissionCount":1},{"ID":"1-npm-valib","Registry":"npm","PackageName":"valib","PackageOwner":"riquito","Downloads":"158","Forks":"3","Stars":"28","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Internal Property Tampering","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-03-13","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"valib","Owner":"riquito"},"FixSubmissionCount":0},{"ID":"1-npm-video-length","Registry":"npm","PackageName":"video-length","PackageOwner":"tpkn","Downloads":"49","Forks":"4","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-15","PrNumber":"1104","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"video-length","Owner":"tpkn"},"FixSubmissionCount":0},{"ID":"1-npm-virtualbox","Registry":"npm","PackageName":"virtualbox","PackageOwner":"Node-Virtualization","Downloads":"469","Forks":"70","Stars":"231","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-02","PrNumber":"","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"node-virtualbox","Owner":"Node-Virtualization"},"FixSubmissionCount":0},{"ID":"1-npm-vizion","Registry":"npm","PackageName":"vizion","PackageOwner":"keymetrics","Downloads":"764108","Forks":"13","Stars":"28","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"vizion","Owner":"keymetrics"},"FixSubmissionCount":0},{"ID":"1-npm-wdio-testrecorder-reporter","Registry":"npm","PackageName":"wdio-testrecorder-reporter","PackageOwner":"tamil777selvan","Downloads":"39","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"1105","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"wdio-testrecorder-reporter","Owner":"tamil777selvan"},"FixSubmissionCount":0},{"ID":"1-npm-web-node-server","Registry":"npm","PackageName":"web-node-server","PackageOwner":"youngerheart","Downloads":"1","Forks":"7","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1106","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"nodeserver","Owner":"youngerheart"},"FixSubmissionCount":0},{"ID":"1-npm-web3","Registry":"npm","PackageName":"web3","PackageOwner":"ethereum","Downloads":"208343","Forks":"3105","Stars":"9699","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Insecure Credential Storage","Severity":"3.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1107","Live":true,"Bounty":{"Credit":"330","Cash":"40"},"Repository":{"Name":"web3.js","Owner":"ethereum"},"FixSubmissionCount":0},{"ID":"1-npm-webrepl","Registry":"npm","PackageName":"webrepl","PackageOwner":"mmattozzi","Downloads":"3","Forks":"12","Stars":"36","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1108","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"webrepl","Owner":"mmattozzi"},"FixSubmissionCount":0},{"ID":"1-npm-windows-edge","Registry":"npm","PackageName":"windows-edge","PackageOwner":"eugeneware","Downloads":"61","Forks":"4","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-16","PrNumber":"1109","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"windows-edge","Owner":"eugeneware"},"FixSubmissionCount":0},{"ID":"1-npm-windows-shortcuts","Registry":"npm","PackageName":"windows-shortcuts","PackageOwner":"j201","Downloads":"632","Forks":"30","Stars":"61","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1110","Live":false,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"windows-shortcuts","Owner":"j201"},"FixSubmissionCount":0},{"ID":"1-npm-wireless-tools","Registry":"npm","PackageName":"wireless-tools","PackageOwner":"bakerface","Downloads":"1319","Forks":"59","Stars":"139","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"1111","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"wireless-tools","Owner":"bakerface"},"FixSubmissionCount":0},{"ID":"1-npm-wisper","Registry":"npm","PackageName":"wisper","PackageOwner":"toejough","Downloads":"2","Forks":"4","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary File Write","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1112","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"wisper","Owner":"toejough"},"FixSubmissionCount":0},{"ID":"1-npm-wixtoolset","Registry":"npm","PackageName":"wixtoolset","PackageOwner":"adamthesax","Downloads":"1","Forks":"10","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1113","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"node-wixtoolset","Owner":"adamthesax"},"FixSubmissionCount":0},{"ID":"1-npm-wkhtmltoimage","Registry":"npm","PackageName":"wkhtmltoimage","PackageOwner":"timstudd","Downloads":"3084","Forks":"10","Stars":"17","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"1114","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"node-wkhtmltoimage","Owner":"timstudd"},"FixSubmissionCount":0},{"ID":"1-npm-worksmith","Registry":"npm","PackageName":"worksmith","PackageOwner":"guidesmiths","Downloads":"9","Forks":"5","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-09-08","PrNumber":"1115","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"worksmith","Owner":"guidesmiths"},"FixSubmissionCount":0},{"ID":"1-npm-wrk","Registry":"npm","PackageName":"wrk","PackageOwner":"sidorares","Downloads":"1220","Forks":"17","Stars":"73","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-04-21","PrNumber":"1116","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"node-wrk","Owner":"sidorares"},"FixSubmissionCount":0},{"ID":"1-npm-wrlc","Registry":"npm","PackageName":"wrlc","PackageOwner":"caspervonb","Downloads":"3","Forks":"4","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Directory Traversal","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1117","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"wrlc","Owner":"caspervonb"},"FixSubmissionCount":0},{"ID":"1-npm-wxchangba","Registry":"npm","PackageName":"wxchangba","PackageOwner":"fritx","Downloads":"85","Forks":"19","Stars":"54","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"CSS","VulnerabilityDescription":"Arbitrary Code Injection","Severity":"8.6","AffectedVersionRange":"*","DisclosureDate":"2020-02-28","PrNumber":"","Live":false,"Bounty":{"Credit":"860","Cash":"40"},"Repository":{"Name":"wxchangba","Owner":"fritx"},"FixSubmissionCount":0},{"ID":"1-npm-x-editable","Registry":"npm","PackageName":"x-editable","PackageOwner":"vitalets","Downloads":"14761","Forks":"1687","Stars":"6437","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1118","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"x-editable","Owner":"vitalets"},"FixSubmissionCount":0},{"ID":"1-npm-xe-utils","Registry":"npm","PackageName":"xe-utils","PackageOwner":"x-extends","Downloads":"2924","Forks":"51","Stars":"202","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"<=3.0.4","DisclosureDate":"2021-01-07","PrNumber":"1460","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"xe-utils","Owner":"x-extends"},"FixSubmissionCount":1},{"ID":"1-npm-xopen","Registry":"npm","PackageName":"xopen","PackageOwner":"andrewimm","Downloads":"118","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Command Injection","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-04","PrNumber":"1838","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"xopen","Owner":"andrewimm"},"FixSubmissionCount":1},{"ID":"1-npm-y18n","Registry":"npm","PackageName":"y18n","PackageOwner":"yargs","Downloads":"29593243","Forks":"24","Stars":"95","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-15","PrNumber":"1119","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"y18n","Owner":"yargs"},"FixSubmissionCount":0},{"ID":"1-npm-yarpm","Registry":"npm","PackageName":"yarpm","PackageOwner":"BendingBender","Downloads":"1352","Forks":"7","Stars":"17","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"4.0","AffectedVersionRange":"*","DisclosureDate":"2020-04-13","PrNumber":"1120","Live":false,"Bounty":{"Credit":"400","Cash":"40"},"Repository":{"Name":"yarpm","Owner":"BendingBender"},"FixSubmissionCount":0},{"ID":"1-npm-yup","Registry":"npm","PackageName":"yup","PackageOwner":"jquense","Downloads":"1935029","Forks":"545","Stars":"12425","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-10-25","PrNumber":"1121","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"yup","Owner":"jquense"},"FixSubmissionCount":0},{"ID":"1-npm-zingchart","Registry":"npm","PackageName":"zingchart","PackageOwner":"zingchart","Downloads":"1988","Forks":"48","Stars":"235","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-11","PrNumber":"899","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"ZingChart","Owner":"zingchart"},"FixSubmissionCount":0},{"ID":"1-npm-zingchart-react","Registry":"npm","PackageName":"zingchart-react","PackageOwner":"zingchart","Downloads":"448","Forks":"21","Stars":"87","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1247","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"zingchart-react","Owner":"zingchart"},"FixSubmissionCount":1},{"ID":"1-npm-zingchart-vue","Registry":"npm","PackageName":"zingchart-vue","PackageOwner":"zingchart","Downloads":"281","Forks":"4","Stars":"20","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Vue","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1248","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"zingchart-vue","Owner":"zingchart"},"FixSubmissionCount":0},{"ID":"1-other-CRNN_Chinese_Characters_Rec","Registry":"other","PackageName":"CRNN_Chinese_Characters_Rec","PackageOwner":"Sierkinhane","Downloads":"0","Forks":"426","Stars":"1227","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.9","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1808","Live":true,"Bounty":{"Credit":"890","Cash":"40"},"Repository":{"Name":"CRNN_Chinese_Characters_Rec","Owner":"Sierkinhane"},"FixSubmissionCount":2},{"ID":"1-other-Crypto-Signal","Registry":"other","PackageName":"Crypto-Signal","PackageOwner":"CryptoSignal","Downloads":"0","Forks":"683","Stars":"2.5K","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1812","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"Crypto-Signal.git","Owner":"CryptoSignal"},"FixSubmissionCount":1},{"ID":"1-other-DNNLibrary","Registry":"other","PackageName":"DNNLibrary","PackageOwner":"JDAI-CV","Downloads":"0","Forks":"49","Stars":"306","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1815","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"DNNLibrary","Owner":"JDAI-CV"},"FixSubmissionCount":1},{"ID":"1-other-DataSciComp","Registry":"other","PackageName":"DataSciComp","PackageOwner":"iphysresearch","Downloads":"0","Forks":"317","Stars":"1634","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1817","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"DataSciComp","Owner":"iphysresearch"},"FixSubmissionCount":1},{"ID":"1-other-DeepLearningExamples","Registry":"other","PackageName":"DeepLearningExamples","PackageOwner":"NVIDIA","Downloads":"0","Forks":"1594","Stars":"5458","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1317","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"DeepLearningExamples","Owner":"NVIDIA"},"FixSubmissionCount":1},{"ID":"1-other-DeepSpeech","Registry":"other","PackageName":"DeepSpeech","PackageOwner":"mozilla","Downloads":"0","Forks":"3068","Stars":"16537","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1310","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"DeepSpeech","Owner":"mozilla"},"FixSubmissionCount":1},{"ID":"1-other-analytics-zoo","Registry":"other","PackageName":"analytics-zoo","PackageOwner":"intel-analytics","Downloads":"0","Forks":"634","Stars":"2198","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Jupyter Notebook","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1362","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"analytics-zoo","Owner":"intel-analytics"},"FixSubmissionCount":1},{"ID":"1-other-apollo","Registry":"other","PackageName":"apollo","PackageOwner":"ApolloAuto","Downloads":"0","Forks":"6956","Stars":"17860","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1374","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"apollo","Owner":"ApolloAuto"},"FixSubmissionCount":0},{"ID":"1-other-arastta","Registry":"other","PackageName":"arastta","PackageOwner":"arastta","Downloads":"0","Forks":"88","Stars":"253","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-09-13","PrNumber":"885","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"arastta","Owner":"arastta"},"FixSubmissionCount":0},{"ID":"1-other-automl","Registry":"other","PackageName":"automl","PackageOwner":"google","Downloads":"0","Forks":"977","Stars":"3751","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Jupyter Notebook","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1804","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"automl","Owner":"google"},"FixSubmissionCount":1},{"ID":"1-other-baselines","Registry":"other","PackageName":"baselines","PackageOwner":"openai","Downloads":"0","Forks":"3879","Stars":"11146","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1581","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"baselines","Owner":"openai"},"FixSubmissionCount":1},{"ID":"1-other-bludit","Registry":"other","PackageName":"bludit","PackageOwner":"bludit","Downloads":"0","Forks":"216","Stars":"806","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.2","AffectedVersionRange":"*","DisclosureDate":"2020-08-12","PrNumber":"1122","Live":false,"Bounty":{"Credit":"620","Cash":"40"},"Repository":{"Name":"bludit","Owner":"bludit"},"FixSubmissionCount":0},{"ID":"2-other-bludit","Registry":"other","PackageName":"bludit","PackageOwner":"bludit","Downloads":"0","Forks":"216","Stars":"806","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross Site Request Forgery (CSRF)","Severity":"3.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-12","PrNumber":"1123","Live":false,"Bounty":{"Credit":"330","Cash":"40"},"Repository":{"Name":"bludit","Owner":"bludit"},"FixSubmissionCount":0},{"ID":"3-other-bludit","Registry":"other","PackageName":"bludit","PackageOwner":"bludit","Downloads":"0","Forks":"216","Stars":"806","PackageVulnerabilityID":"3","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.2","AffectedVersionRange":"*","DisclosureDate":"2020-08-18","PrNumber":"1124","Live":false,"Bounty":{"Credit":"620","Cash":"40"},"Repository":{"Name":"bludit","Owner":"bludit"},"FixSubmissionCount":0},{"ID":"1-other-bonnet","Registry":"other","PackageName":"bonnet","PackageOwner":"PRBonn","Downloads":"0","Forks":"83","Stars":"271","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-08","PrNumber":"1856","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"bonnet","Owner":"PRBonn"},"FixSubmissionCount":1},{"ID":"1-other-boxbilling","Registry":"other","PackageName":"boxbilling","PackageOwner":"boxbilling","Downloads":"0","Forks":"278","Stars":"366","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2019-08-18","PrNumber":"1125","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"boxbilling","Owner":"boxbilling"},"FixSubmissionCount":0},{"ID":"1-other-chatcord","Registry":"other","PackageName":"chatcord","PackageOwner":"bradtraversy","Downloads":"0","Forks":"515","Stars":"549","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"HTML","VulnerabilityDescription":"Stored Cross-site Scripting (XSS)","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-27","PrNumber":"1126","Live":false,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"chatcord","Owner":"bradtraversy"},"FixSubmissionCount":0},{"ID":"1-other-code","Registry":"other","PackageName":"code","PackageOwner":"ActiveState","Downloads":"0","Forks":"669","Stars":"1848","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1811","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"code","Owner":"ActiveState"},"FixSubmissionCount":1},{"ID":"1-other-deep_sort_pytorch","Registry":"other","PackageName":"deep_sort_pytorch","PackageOwner":"ZQPei","Downloads":"0","Forks":"456","Stars":"1435","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"6.2","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1349","Live":false,"Bounty":{"Credit":"620","Cash":"40"},"Repository":{"Name":"deep_sort_pytorch","Owner":"ZQPei"},"FixSubmissionCount":1},{"ID":"1-other-django-crm","Registry":"other","PackageName":"django-crm","PackageOwner":"MicroPyramid","Downloads":"0","Forks":"504","Stars":"961","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Cross-site Request Forgery (CSRF)","Severity":"8.8","AffectedVersionRange":"*","DisclosureDate":"2020-03-13","PrNumber":"","Live":false,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"Django-CRM","Owner":"MicroPyramid"},"FixSubmissionCount":0},{"ID":"1-other-docs","Registry":"other","PackageName":"docs","PackageOwner":"sismics","Downloads":"0","Forks":"133","Stars":"801","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"XSS","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1526","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"docs","Owner":"sismics"},"FixSubmissionCount":0},{"ID":"2-other-docs","Registry":"other","PackageName":"docs","PackageOwner":"sismics","Downloads":"0","Forks":"133","Stars":"801","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Permissive Cross-domain Policy with Untrusted Domains","Severity":"9.3","AffectedVersionRange":"*","DisclosureDate":"2021-02-12","PrNumber":"1877","Live":false,"Bounty":{"Credit":"930","Cash":"40"},"Repository":{"Name":"docs","Owner":"sismics"},"FixSubmissionCount":1},{"ID":"1-other-duktape","Registry":"other","PackageName":"duktape","PackageOwner":"svaarala","Downloads":"0","Forks":"465","Stars":"4721","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1334","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"duktape","Owner":"svaarala"},"FixSubmissionCount":1},{"ID":"1-other-extanalysis","Registry":"other","PackageName":"extanalysis","PackageOwner":"Tuhinshubhra","Downloads":"0","Forks":"73","Stars":"343","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Cross-Site Request Forgery (CSRF)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-04-03","PrNumber":"","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"ExtAnalysis","Owner":"Tuhinshubhra"},"FixSubmissionCount":0},{"ID":"1-other-ffmpeg-web-gui","Registry":"other","PackageName":"ffmpeg-web-gui","PackageOwner":"swooningfish","Downloads":"0","Forks":"76","Stars":"174","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Remote Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-07-26","PrNumber":"1127","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"ffmpeg-web-gui","Owner":"swooningfish"},"FixSubmissionCount":0},{"ID":"1-other-firekylin","Registry":"other","PackageName":"firekylin","PackageOwner":"firekylin","Downloads":"0","Forks":"402","Stars":"1776","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"4.7","AffectedVersionRange":"*","DisclosureDate":"2020-09-03","PrNumber":"1128","Live":false,"Bounty":{"Credit":"470","Cash":"40"},"Repository":{"Name":"firekylin","Owner":"firekylin"},"FixSubmissionCount":0},{"ID":"1-other-forkcms","Registry":"other","PackageName":"forkcms","PackageOwner":"forkcms","Downloads":"0","Forks":"286","Stars":"1103","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"4.7","AffectedVersionRange":"*","DisclosureDate":"2020-09-13","PrNumber":"1129","Live":true,"Bounty":{"Credit":"470","Cash":"40"},"Repository":{"Name":"forkcms","Owner":"forkcms"},"FixSubmissionCount":0},{"ID":"1-other-getsimplecms","Registry":"other","PackageName":"getsimplecms","PackageOwner":"GetSimpleCMS","Downloads":"0","Forks":"91","Stars":"330","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"3.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-02","PrNumber":"1130","Live":false,"Bounty":{"Credit":"330","Cash":"40"},"Repository":{"Name":"GetSimpleCMS","Owner":"GetSimpleCMS"},"FixSubmissionCount":0},{"ID":"1-other-hackathon-starter","Registry":"other","PackageName":"hackathon-starter","PackageOwner":"sahat","Downloads":"0","Forks":"7037","Stars":"31444","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Lack of Rate Limiting","Severity":"5.3","AffectedVersionRange":"<=6.0.1","DisclosureDate":"2020-11-17","PrNumber":"1244","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"hackathon-starter","Owner":"sahat"},"FixSubmissionCount":0},{"ID":"1-other-i3wm-themer","Registry":"other","PackageName":"i3wm-themer","PackageOwner":"unix121","Downloads":"0","Forks":"201","Stars":"1656","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.8","AffectedVersionRange":"*","DisclosureDate":"2021-02-13","PrNumber":"1882","Live":false,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"i3wm-themer","Owner":"unix121"},"FixSubmissionCount":1},{"ID":"1-other-keras","Registry":"other","PackageName":"keras","PackageOwner":"keras-team","Downloads":"0","Forks":"18714","Stars":"50691","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1504","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"keras","Owner":"keras-team"},"FixSubmissionCount":1},{"ID":"1-other-kkfileview","Registry":"other","PackageName":"kkfileview","PackageOwner":"kekingcn","Downloads":"0","Forks":"1328","Stars":"4661","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"XSS","Severity":"4.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1433","Live":false,"Bounty":{"Credit":"410","Cash":"40"},"Repository":{"Name":"kkFileView","Owner":"kekingcn"},"FixSubmissionCount":0},{"ID":"1-other-kubernetes","Registry":"other","PackageName":"kubernetes","PackageOwner":"kubernetes","Downloads":"0","Forks":"26945","Stars":"74317","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Go","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1384","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"kubernetes","Owner":"kubernetes"},"FixSubmissionCount":1},{"ID":"1-other-maxsite","Registry":"other","PackageName":"maxsite","PackageOwner":"maxsite","Downloads":"0","Forks":"56","Stars":"122","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-Site Scripting (XSS)","Severity":"5.6","AffectedVersionRange":"1.0","DisclosureDate":"2021-01-06","PrNumber":"1440","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"cms","Owner":"maxsite"},"FixSubmissionCount":0},{"ID":"1-other-models","Registry":"other","PackageName":"models","PackageOwner":"tensorflow","Downloads":"0","Forks":"43499","Stars":"68632","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1314","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"models","Owner":"tensorflow"},"FixSubmissionCount":1},{"ID":"1-other-monica","Registry":"other","PackageName":"monica","PackageOwner":"monicahq","Downloads":"0","Forks":"1368","Stars":"12425","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Injection to Stored Cross-site Scripting (XSS)","Severity":"8.2","AffectedVersionRange":"*","DisclosureDate":"2020-09-01","PrNumber":"1131","Live":false,"Bounty":{"Credit":"820","Cash":"40"},"Repository":{"Name":"monica","Owner":"monicahq"},"FixSubmissionCount":0},{"ID":"2-other-monica","Registry":"other","PackageName":"monica","PackageOwner":"monicahq","Downloads":"0","Forks":"1368","Stars":"12425","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-02","PrNumber":"1132","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"monica","Owner":"monicahq"},"FixSubmissionCount":0},{"ID":"1-other-node-login","Registry":"other","PackageName":"node-login","PackageOwner":"braitsch","Downloads":"0","Forks":"654","Stars":"1483","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Request Forgery (CSRF)","Severity":"8.8","AffectedVersionRange":"<=1.7.3","DisclosureDate":"2020-11-24","PrNumber":"1245","Live":false,"Bounty":{"Credit":"880","Cash":"40"},"Repository":{"Name":"node-login","Owner":"braitsch"},"FixSubmissionCount":0},{"ID":"2-other-node-login","Registry":"other","PackageName":"node-login","PackageOwner":"braitsch","Downloads":"0","Forks":"654","Stars":"1483","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Business Logic Errors","Severity":"6.3","AffectedVersionRange":"<=1.7.3","DisclosureDate":"2020-11-24","PrNumber":"1246","Live":false,"Bounty":{"Credit":"630","Cash":"40"},"Repository":{"Name":"node-login","Owner":"braitsch"},"FixSubmissionCount":0},{"ID":"1-other-odoo","Registry":"other","PackageName":"odoo","PackageOwner":"odoo","Downloads":"0","Forks":"13766","Stars":"20466","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Blind Cross-site Scripting (XSS)","Severity":"3.7","AffectedVersionRange":"13.0","DisclosureDate":"2020-09-11","PrNumber":"1133","Live":false,"Bounty":{"Credit":"370","Cash":"40"},"Repository":{"Name":"odoo","Owner":"odoo"},"FixSubmissionCount":0},{"ID":"1-other-openfire-bookmarks-plugin","Registry":"other","PackageName":"openfire-bookmarks-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"7","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-17","PrNumber":"1390","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"openfire-bookmarks-plugin","Owner":"igniterealtime"},"FixSubmissionCount":1},{"ID":"1-other-openfire-clientControl-plugin","Registry":"other","PackageName":"openfire-clientControl-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"7","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1406","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"openfire-clientControl-plugin","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-other-openfire-dbaccess-plugin","Registry":"other","PackageName":"openfire-dbaccess-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"9","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-12-17","PrNumber":"1379","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"openfire-dbaccess-plugin","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-other-openfire-fastpath-plugin","Registry":"other","PackageName":"openfire-fastpath-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"7","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1391","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"openfire-fastpath-plugin","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-other-openfire-nodejs-plugin","Registry":"other","PackageName":"openfire-nodejs-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"5","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-12-17","PrNumber":"1380","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"openfire-nodejs-plugin","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-other-openfire-sip-plugin","Registry":"other","PackageName":"openfire-sip-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"5","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-04","PrNumber":"1408","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"openfire-sip-plugin","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-other-openfire-userCreation-plugin","Registry":"other","PackageName":"openfire-userCreation-plugin","PackageOwner":"igniterealtime","Downloads":"0","Forks":"5","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.4","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1392","Live":true,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"openfire-userCreation-plugin","Owner":"igniterealtime"},"FixSubmissionCount":0},{"ID":"1-other-postgresql-metrics","Registry":"other","PackageName":"postgresql-metrics","PackageOwner":"spotify","Downloads":"0","Forks":"34","Stars":"532","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1487","Live":false,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"postgresql-metrics","Owner":"spotify"},"FixSubmissionCount":1},{"ID":"1-other-pyAudioAnalysis","Registry":"other","PackageName":"pyAudioAnalysis","PackageOwner":"tyiannak","Downloads":"0","Forks":"966","Stars":"3756","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1476","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"pyAudioAnalysis","Owner":"tyiannak"},"FixSubmissionCount":1},{"ID":"1-other-rc-zip","Registry":"other","PackageName":"rc-zip","PackageOwner":"rust-compress","Downloads":"0","Forks":"8","Stars":"70","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Rust","VulnerabilityDescription":"zip-slip","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-07","PrNumber":"1760","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"rc-zip","Owner":"rust-compress"},"FixSubmissionCount":1},{"ID":"1-other-selenium","Registry":"other","PackageName":"selenium","PackageOwner":"SeleniumHQ","Downloads":"0","Forks":"6162","Stars":"19799","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Resources Downloaded over Insecure Protocol","Severity":"4.7","AffectedVersionRange":"*","DisclosureDate":"2020-09-17","PrNumber":"1134","Live":false,"Bounty":{"Credit":"470","Cash":"40"},"Repository":{"Name":"selenium","Owner":"SeleniumHQ"},"FixSubmissionCount":0},{"ID":"1-other-strider","Registry":"other","PackageName":"strider","PackageOwner":"Strider-CD","Downloads":"0","Forks":"432","Stars":"4491","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Request Forgery (CSRF)","Severity":"8.0","AffectedVersionRange":"<=2.4.20","DisclosureDate":"2020-12-17","PrNumber":"1389","Live":false,"Bounty":{"Credit":"800","Cash":"40"},"Repository":{"Name":"strider","Owner":"Strider-CD"},"FixSubmissionCount":0},{"ID":"1-other-svg2png","Registry":"other","PackageName":"svg2png","PackageOwner":"sterlp","Downloads":"0","Forks":"10","Stars":"82","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"SSRF","Severity":"4.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1802","Live":true,"Bounty":{"Credit":"460","Cash":"40"},"Repository":{"Name":"svg2png","Owner":"sterlp"},"FixSubmissionCount":0},{"ID":"1-other-svgedit","Registry":"other","PackageName":"svgedit","PackageOwner":"SVG-Edit","Downloads":"0","Forks":"1071","Stars":"4116","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"SSRF","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1480","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"svgedit","Owner":"SVG-Edit"},"FixSubmissionCount":0},{"ID":"1-other-teedy","Registry":"other","PackageName":"teedy","PackageOwner":"sismics","Downloads":"0","Forks":"133","Stars":"801","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Account takeover with CSRF","Severity":"8.0","AffectedVersionRange":"<=1.8","DisclosureDate":"2020-12-18","PrNumber":"1318","Live":true,"Bounty":{"Credit":"800","Cash":"40"},"Repository":{"Name":"docs","Owner":"sismics"},"FixSubmissionCount":0},{"ID":"1-other-tpu","Registry":"other","PackageName":"tpu","PackageOwner":"tensorflow","Downloads":"0","Forks":"1498","Stars":"4127","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Jupyter Notebook","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1315","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"tpu","Owner":"tensorflow"},"FixSubmissionCount":1},{"ID":"1-other-traduora","Registry":"other","PackageName":"traduora","PackageOwner":"traduora","Downloads":"0","Forks":"111","Stars":"1416","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Username Enumeration","Severity":"5.3","AffectedVersionRange":"0.17.0","DisclosureDate":"2020-09-13","PrNumber":"1135","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"traduora","Owner":"traduora"},"FixSubmissionCount":0},{"ID":"2-other-traduora","Registry":"other","PackageName":"traduora","PackageOwner":"traduora","Downloads":"0","Forks":"111","Stars":"1416","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Mass Account Creation","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-09-13","PrNumber":"1136","Live":true,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"traduora","Owner":"traduora"},"FixSubmissionCount":0},{"ID":"3-other-traduora","Registry":"other","PackageName":"traduora","PackageOwner":"traduora","Downloads":"0","Forks":"111","Stars":"1416","PackageVulnerabilityID":"3","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Lack of Rate Limiting","Severity":"5.3","AffectedVersionRange":"0.17.0","DisclosureDate":"2020-09-13","PrNumber":"1137","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"traduora","Owner":"traduora"},"FixSubmissionCount":0},{"ID":"1-other-tripleo-heat-templates","Registry":"other","PackageName":"tripleo-heat-templates","PackageOwner":"openstack","Downloads":"0","Forks":"177","Stars":"141","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1473","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"tripleo-heat-templates","Owner":"openstack"},"FixSubmissionCount":1},{"ID":"1-other-typecho","Registry":"other","PackageName":"typecho","PackageOwner":"typecho","Downloads":"0","Forks":"1581","Stars":"7654","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Code Injection","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-03-20","PrNumber":"","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"typecho","Owner":"typecho"},"FixSubmissionCount":0},{"ID":"1-other-ulogger-server","Registry":"other","PackageName":"ulogger-server","PackageOwner":"bfabiszewski","Downloads":"0","Forks":"63","Stars":"312","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Auth Bypass via CSRF","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-10-27","PrNumber":"1138","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"ulogger-server","Owner":"bfabiszewski"},"FixSubmissionCount":0},{"ID":"1-other-vectalign","Registry":"other","PackageName":"vectalign","PackageOwner":"bonnyfone","Downloads":"0","Forks":"169","Stars":"2043","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"xxe","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-07","PrNumber":"1528","Live":true,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"vectalign","Owner":"bonnyfone"},"FixSubmissionCount":1},{"ID":"1-other-yolov3","Registry":"other","PackageName":"yolov3","PackageOwner":"ultralytics","Downloads":"0","Forks":"2489","Stars":"6709","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1364","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"yolov3","Owner":"ultralytics"},"FixSubmissionCount":1},{"ID":"1-other-yolov5","Registry":"other","PackageName":"yolov5","PackageOwner":"ultralytics","Downloads":"0","Forks":"2849","Stars":"8539","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1365","Live":false,"Bounty":{"Credit":"710","Cash":"40"},"Repository":{"Name":"yolov5","Owner":"ultralytics"},"FixSubmissionCount":1},{"ID":"1-pip-BentoML","Registry":"pip","PackageName":"BentoML","PackageOwner":"bentoml","Downloads":"0","Forks":"244","Stars":"2166","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1431","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"BentoML","Owner":"bentoml"},"FixSubmissionCount":1},{"ID":"1-pip-CUP","Registry":"pip","PackageName":"CUP","PackageOwner":"baidu","Downloads":"0","Forks":"174","Stars":"818","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1492","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"CUP","Owner":"baidu"},"FixSubmissionCount":1},{"ID":"1-pip-CairoSVG","Registry":"pip","PackageName":"CairoSVG","PackageOwner":"Kozea","Downloads":"0","Forks":"110","Stars":"446","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"SSRF","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1409","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"CairoSVG","Owner":"Kozea"},"FixSubmissionCount":1},{"ID":"1-pip-ParlAI","Registry":"pip","PackageName":"ParlAI","PackageOwner":"facebookresearch","Downloads":"0","Forks":"1450","Stars":"6983","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1468","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"ParlAI","Owner":"facebookresearch"},"FixSubmissionCount":1},{"ID":"1-pip-Red-DiscordBot","Registry":"pip","PackageName":"Red-DiscordBot","PackageOwner":"Cog-Creators","Downloads":"0","Forks":"1367","Stars":"2061","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1447","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"Red-DiscordBot","Owner":"Cog-Creators"},"FixSubmissionCount":1},{"ID":"1-pip-acme","Registry":"pip","PackageName":"acme","PackageOwner":"deepmind","Downloads":"18140","Forks":"189","Stars":"1918","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1466","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"acme","Owner":"deepmind"},"FixSubmissionCount":1},{"ID":"1-pip-aiocache","Registry":"pip","PackageName":"aiocache","PackageOwner":"aio-libs","Downloads":"5318","Forks":"73","Stars":"482","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1493","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"aiocache","Owner":"aio-libs"},"FixSubmissionCount":1},{"ID":"1-pip-alphapy","Registry":"pip","PackageName":"alphapy","PackageOwner":"ScottfreeLLC","Downloads":"33","Forks":"122","Stars":"549","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-08","PrNumber":"1855","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"AlphaPy","Owner":"ScottfreeLLC"},"FixSubmissionCount":1},{"ID":"1-pip-apache-flink","Registry":"pip","PackageName":"apache-flink","PackageOwner":"apache","Downloads":"388","Forks":"8581","Stars":"15504","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Java","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1443","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"flink","Owner":"apache"},"FixSubmissionCount":1},{"ID":"1-pip-archivy","Registry":"pip","PackageName":"archivy","PackageOwner":"archivy","Downloads":"213","Forks":"77","Stars":"2356","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1467","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"archivy","Owner":"archivy"},"FixSubmissionCount":2},{"ID":"1-pip-arq","Registry":"pip","PackageName":"arq","PackageOwner":"samuelcolvin","Downloads":"733","Forks":"63","Stars":"658","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1494","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"arq","Owner":"samuelcolvin"},"FixSubmissionCount":1},{"ID":"1-pip-autogluon","Registry":"pip","PackageName":"autogluon","PackageOwner":"awslabs","Downloads":"5306","Forks":"390","Stars":"2976","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1499","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"autogluon","Owner":"awslabs"},"FixSubmissionCount":2},{"ID":"1-pip-bitcoinexchangefh","Registry":"pip","PackageName":"bitcoinexchangefh","PackageOwner":"BitcoinExchangeFH","Downloads":"19","Forks":"279","Stars":"864","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1806","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"BitcoinExchangeFH","Owner":"BitcoinExchangeFH"},"FixSubmissionCount":1},{"ID":"1-pip-cabot","Registry":"pip","PackageName":"cabot","PackageOwner":"arachnys","Downloads":"56","Forks":"564","Stars":"4999","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Stored Cross-site Scripting (XSS)","Severity":"9.1","AffectedVersionRange":"0.11.12","DisclosureDate":"2020-09-05","PrNumber":"1139","Live":false,"Bounty":{"Credit":"910","Cash":"40"},"Repository":{"Name":"cabot","Owner":"arachnys"},"FixSubmissionCount":0},{"ID":"1-pip-caliban","Registry":"pip","PackageName":"caliban","PackageOwner":"google","Downloads":"16","Forks":"32","Stars":"331","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1450","Live":false,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"caliban","Owner":"google"},"FixSubmissionCount":1},{"ID":"1-pip-caprica","Registry":"pip","PackageName":"caprica","PackageOwner":"google","Downloads":"0","Forks":"157","Stars":"479","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Insecure Deserialization","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1348","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"capirca","Owner":"google"},"FixSubmissionCount":0},{"ID":"1-pip-catalyst","Registry":"pip","PackageName":"catalyst","PackageOwner":"catalyst-team","Downloads":"1216","Forks":"276","Stars":"2431","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Insecure Deserialization","Severity":"6.5","AffectedVersionRange":"","DisclosureDate":"2021-01-06","PrNumber":"1441","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"catalyst","Owner":"catalyst-team"},"FixSubmissionCount":1},{"ID":"1-pip-chartify","Registry":"pip","PackageName":"chartify","PackageOwner":"spotify","Downloads":"623","Forks":"253","Stars":"2829","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Insecure Deserialization","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1382","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"chartify","Owner":"spotify"},"FixSubmissionCount":0},{"ID":"1-pip-computervision-recipes","Registry":"pip","PackageName":"computervision-recipes","PackageOwner":"microsoft","Downloads":"0","Forks":"900","Stars":"7493","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Jupyter Notebook","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1331","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"computervision-recipes","Owner":"microsoft"},"FixSubmissionCount":0},{"ID":"1-pip-conference-scheduler-cli","Registry":"pip","PackageName":"conference-scheduler-cli","PackageOwner":"pyconuk","Downloads":"7","Forks":"7","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"7.8","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1140","Live":false,"Bounty":{"Credit":"780","Cash":"40"},"Repository":{"Name":"conferencescheduler-cli","Owner":"pyconuk"},"FixSubmissionCount":0},{"ID":"1-pip-datalab","Registry":"pip","PackageName":"datalab","PackageOwner":"googledatalab","Downloads":"9023","Forks":"80","Stars":"185","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1799","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"pydatalab","Owner":"googledatalab"},"FixSubmissionCount":1},{"ID":"1-pip-definitions","Registry":"pip","PackageName":"definitions","PackageOwner":"danijar","Downloads":"417","Forks":"7","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1141","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"definitions","Owner":"danijar"},"FixSubmissionCount":0},{"ID":"1-pip-distributed","Registry":"pip","PackageName":"distributed","PackageOwner":"dask","Downloads":"188892","Forks":"506","Stars":"1145","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1565","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"distributed","Owner":"dask"},"FixSubmissionCount":1},{"ID":"1-pip-dnsrobocert","Registry":"pip","PackageName":"dnsrobocert","PackageOwner":"adferrand","Downloads":"64","Forks":"70","Stars":"415","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-08","PrNumber":"1860","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"dnsrobocert","Owner":"adferrand"},"FixSubmissionCount":1},{"ID":"1-pip-faust","Registry":"pip","PackageName":"faust","PackageOwner":"robinhood","Downloads":"40164","Forks":"437","Stars":"5299","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1587","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"faust","Owner":"robinhood"},"FixSubmissionCount":1},{"ID":"1-pip-fsociety","Registry":"pip","PackageName":"fsociety","PackageOwner":"Manisso","Downloads":"90","Forks":"1507","Stars":"6443","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Remote Code Execution","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-06-30","PrNumber":"1142","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"fsociety","Owner":"Manisso"},"FixSubmissionCount":0},{"ID":"1-pip-gita","Registry":"pip","PackageName":"gita","PackageOwner":"nosarthur","Downloads":"81","Forks":"42","Stars":"851","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.0","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1810","Live":false,"Bounty":{"Credit":"800","Cash":"40"},"Repository":{"Name":"gita","Owner":"nosarthur"},"FixSubmissionCount":0},{"ID":"1-pip-gym","Registry":"pip","PackageName":"gym","PackageOwner":"openai","Downloads":"79030","Forks":"6673","Stars":"23433","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1491","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"gym","Owner":"openai"},"FixSubmissionCount":1},{"ID":"1-pip-hackingtool","Registry":"pip","PackageName":"hackingtool","PackageOwner":"Z4nzu","Downloads":"0","Forks":"723","Stars":"5726","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Remote Code Execution","Severity":"6.4","AffectedVersionRange":"*","DisclosureDate":"2020-07-30","PrNumber":"1143","Live":false,"Bounty":{"Credit":"640","Cash":"40"},"Repository":{"Name":"hackingtool","Owner":"Z4nzu"},"FixSubmissionCount":0},{"ID":"1-pip-httprunner","Registry":"pip","PackageName":"httprunner","PackageOwner":"httprunner","Downloads":"440","Forks":"910","Stars":"2345","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1805","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"httprunner","Owner":"httprunner"},"FixSubmissionCount":1},{"ID":"1-pip-huey","Registry":"pip","PackageName":"huey","PackageOwner":"coleifer","Downloads":"2994","Forks":"301","Stars":"3368","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1590","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"huey","Owner":"coleifer"},"FixSubmissionCount":1},{"ID":"1-pip-ipycache","Registry":"pip","PackageName":"ipycache","PackageOwner":"rossant","Downloads":"17","Forks":"35","Stars":"112","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Remote Code Execution (RCE)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-03","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"ipycache","Owner":"rossant"},"FixSubmissionCount":0},{"ID":"1-pip-labml","Registry":"pip","PackageName":"labml","PackageOwner":"lab-ml","Downloads":"139","Forks":"39","Stars":"416","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Jupyter Notebook","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-08","PrNumber":"1858","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"labml","Owner":"lab-ml"},"FixSubmissionCount":1},{"ID":"1-pip-loguru","Registry":"pip","PackageName":"loguru","PackageOwner":"Delgan","Downloads":"96706","Forks":"366","Stars":"8133","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1592","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"loguru","Owner":"Delgan"},"FixSubmissionCount":1},{"ID":"1-pip-mlagents","Registry":"pip","PackageName":"mlagents","PackageOwner":"Unity-Technologies","Downloads":"1872","Forks":"2808","Stars":"10510","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C#","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1593","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"ml-agents","Owner":"Unity-Technologies"},"FixSubmissionCount":1},{"ID":"1-pip-mrjob","Registry":"pip","PackageName":"mrjob","PackageOwner":"Yelp","Downloads":"12831","Forks":"592","Stars":"2527","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1471","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"mrjob","Owner":"Yelp"},"FixSubmissionCount":1},{"ID":"1-pip-multiqc","Registry":"pip","PackageName":"multiqc","PackageOwner":"ewels","Downloads":"331","Forks":"379","Stars":"699","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1813","Live":false,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"MultiQC","Owner":"ewels"},"FixSubmissionCount":1},{"ID":"1-pip-networkx","Registry":"pip","PackageName":"networkx","PackageOwner":"networkx","Downloads":"978662","Forks":"2210","Stars":"8645","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Insecure Deserialization","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1350","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"networkx","Owner":"networkx"},"FixSubmissionCount":0},{"ID":"1-pip-nni","Registry":"pip","PackageName":"nni","PackageOwner":"microsoft","Downloads":"145","Forks":"1201","Stars":"9063","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1328","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"nni","Owner":"microsoft"},"FixSubmissionCount":1},{"ID":"1-pip-paddlepaddle","Registry":"pip","PackageName":"paddlepaddle","PackageOwner":"PaddlePaddle","Downloads":"1149","Forks":"3555","Stars":"14285","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1488","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"Paddle","Owner":"PaddlePaddle"},"FixSubmissionCount":1},{"ID":"1-pip-papermerge","Registry":"pip","PackageName":"papermerge","PackageOwner":"ciur","Downloads":"3","Forks":"123","Stars":"992","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"XSS","Severity":"6.6","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1490","Live":false,"Bounty":{"Credit":"660","Cash":"40"},"Repository":{"Name":"papermerge","Owner":"ciur"},"FixSubmissionCount":1},{"ID":"2-pip-papermerge","Registry":"pip","PackageName":"papermerge","PackageOwner":"ciur","Downloads":"3","Forks":"123","Stars":"992","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Cross-Site Scripting (XSS)","Severity":"4.8","AffectedVersionRange":"*","DisclosureDate":"2021-02-12","PrNumber":"1866","Live":false,"Bounty":{"Credit":"480","Cash":"40"},"Repository":{"Name":"papermerge","Owner":"ciur"},"FixSubmissionCount":0},{"ID":"1-pip-papermerge-core","Registry":"pip","PackageName":"papermerge-core","PackageOwner":"papermerge","Downloads":"26","Forks":"6","Stars":"3","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"XSS","Severity":"5.1","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1864","Live":true,"Bounty":{"Credit":"510","Cash":"40"},"Repository":{"Name":"papermerge-core","Owner":"papermerge"},"FixSubmissionCount":1},{"ID":"1-pip-peewee","Registry":"pip","PackageName":"peewee","PackageOwner":"coleifer","Downloads":"38335","Forks":"1266","Stars":"8156","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1598","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"peewee","Owner":"coleifer"},"FixSubmissionCount":1},{"ID":"1-pip-petastorm","Registry":"pip","PackageName":"petastorm","PackageOwner":"uber","Downloads":"9215","Forks":"187","Stars":"1080","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-04","PrNumber":"1445","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"petastorm","Owner":"uber"},"FixSubmissionCount":1},{"ID":"1-pip-psq","Registry":"pip","PackageName":"psq","PackageOwner":"GoogleCloudPlatform","Downloads":"358","Forks":"39","Stars":"194","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1448","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"psq","Owner":"GoogleCloudPlatform"},"FixSubmissionCount":1},{"ID":"1-pip-python-libnmap","Registry":"pip","PackageName":"python-libnmap","PackageOwner":"savon-noir","Downloads":"933","Forks":"182","Stars":"415","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"XML External Entity (XXE) Injection","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-02-13","PrNumber":"","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"python-libnmap","Owner":"savon-noir"},"FixSubmissionCount":0},{"ID":"1-pip-pytorch","Registry":"pip","PackageName":"pytorch","PackageOwner":"pytorch","Downloads":"3140","Forks":"12264","Stars":"46151","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"6.5","AffectedVersionRange":"1.7.1","DisclosureDate":"2020-12-21","PrNumber":"1337","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"pytorch","Owner":"pytorch"},"FixSubmissionCount":2},{"ID":"1-pip-pyyaml","Registry":"pip","PackageName":"pyyaml","PackageOwner":"yaml","Downloads":"10116064","Forks":"306","Stars":"1384","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-08-03","PrNumber":"1144","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"pyyaml","Owner":"yaml"},"FixSubmissionCount":0},{"ID":"1-pip-qlib","Registry":"pip","PackageName":"qlib","PackageOwner":"microsoft","Downloads":"33","Forks":"656","Stars":"4308","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1329","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"qlib","Owner":"microsoft"},"FixSubmissionCount":0},{"ID":"1-pip-ray","Registry":"pip","PackageName":"ray","PackageOwner":"ray-project","Downloads":"29473","Forks":"2391","Stars":"14808","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1505","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"ray","Owner":"ray-project"},"FixSubmissionCount":1},{"ID":"1-pip-rqalpha","Registry":"pip","PackageName":"rqalpha","PackageOwner":"ricequant","Downloads":"143","Forks":"1408","Stars":"4090","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1567","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"rqalpha","Owner":"ricequant"},"FixSubmissionCount":2},{"ID":"1-pip-runx","Registry":"pip","PackageName":"runx","PackageOwner":"NVIDIA","Downloads":"55","Forks":"28","Stars":"509","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Insecure Deserialization","Severity":"6.5","AffectedVersionRange":"0.0.10","DisclosureDate":"2020-12-21","PrNumber":"1341","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"runx","Owner":"NVIDIA"},"FixSubmissionCount":1},{"ID":"1-pip-simiki","Registry":"pip","PackageName":"simiki","PackageOwner":"tankywoo","Downloads":"33","Forks":"159","Stars":"1078","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-08","PrNumber":"1859","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"simiki","Owner":"tankywoo"},"FixSubmissionCount":1},{"ID":"1-pip-spark","Registry":"pip","PackageName":"spark","PackageOwner":"apache","Downloads":"1796","Forks":"23362","Stars":"28789","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Scala","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1446","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"spark","Owner":"apache"},"FixSubmissionCount":1},{"ID":"1-pip-sqlalchemy","Registry":"pip","PackageName":"sqlalchemy","PackageOwner":"sqlalchemy","Downloads":"2094996","Forks":"519","Stars":"3304","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1568","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"sqlalchemy","Owner":"sqlalchemy"},"FixSubmissionCount":1},{"ID":"1-pip-studioml","Registry":"pip","PackageName":"studioml","PackageOwner":"studioml","Downloads":"92","Forks":"50","Stars":"369","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-08","PrNumber":"1857","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"studio","Owner":"studioml"},"FixSubmissionCount":1},{"ID":"1-pip-swig","Registry":"pip","PackageName":"swig","PackageOwner":"swig","Downloads":"0","Forks":"945","Stars":"3812","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Remote Code Execution","Severity":"5.2","AffectedVersionRange":"*","DisclosureDate":"2020-09-03","PrNumber":"1145","Live":false,"Bounty":{"Credit":"520","Cash":"40"},"Repository":{"Name":"swig","Owner":"swig"},"FixSubmissionCount":0},{"ID":"1-pip-tensorflow","Registry":"pip","PackageName":"tensorflow","PackageOwner":"tensorflow","Downloads":"877582","Forks":"83984","Stars":"153205","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"C++","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1783","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"tensorflow","Owner":"tensorflow"},"FixSubmissionCount":1},{"ID":"1-pip-tensorflowtts","Registry":"pip","PackageName":"tensorflowtts","PackageOwner":"TensorSpeech","Downloads":"65","Forks":"316","Stars":"1617","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-30","PrNumber":"1807","Live":false,"Bounty":{"Credit":"860","Cash":"40"},"Repository":{"Name":"TensorFlowTTS","Owner":"TensorSpeech"},"FixSubmissionCount":2},{"ID":"1-pip-tensorlayer","Registry":"pip","PackageName":"tensorlayer","PackageOwner":"tensorlayer","Downloads":"429","Forks":"1459","Stars":"6485","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1791","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"tensorlayer","Owner":"tensorlayer"},"FixSubmissionCount":1},{"ID":"1-pip-tensorpack","Registry":"pip","PackageName":"tensorpack","PackageOwner":"tensorpack","Downloads":"1736","Forks":"1771","Stars":"5922","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1472","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"tensorpack","Owner":"tensorpack"},"FixSubmissionCount":1},{"ID":"1-pip-tf-agents","Registry":"pip","PackageName":"tf-agents","PackageOwner":"tensorflow","Downloads":"987","Forks":"466","Stars":"1790","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-31","PrNumber":"1573","Live":true,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"agents","Owner":"tensorflow"},"FixSubmissionCount":1},{"ID":"1-pip-tflearn","Registry":"pip","PackageName":"tflearn","PackageOwner":"tflearn","Downloads":"1652","Forks":"2429","Stars":"9518","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1551","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"tflearn","Owner":"tflearn"},"FixSubmissionCount":1},{"ID":"1-pip-tfx","Registry":"pip","PackageName":"tfx","PackageOwner":"tensorflow","Downloads":"10851","Forks":"396","Stars":"1319","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1803","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"tfx","Owner":"tensorflow"},"FixSubmissionCount":1},{"ID":"1-pip-uvicorn","Registry":"pip","PackageName":"uvicorn","PackageOwner":"encode","Downloads":"168171","Forks":"286","Stars":"3577","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Python","VulnerabilityDescription":"HTTP Response Splitting","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1146","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"uvicorn","Owner":"encode"},"FixSubmissionCount":0},{"ID":"1-rubygems-colorscore","Registry":"rubygems","PackageName":"colorscore","PackageOwner":"quadule","Downloads":"266","Forks":"26","Stars":"83","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Arbitrary Command Execution","Severity":"10","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1147","Live":false,"Bounty":{"Credit":"1000","Cash":"40"},"Repository":{"Name":"colorscore","Owner":"quadule"},"FixSubmissionCount":0},{"ID":"1-rubygems-cucumber-ruby","Registry":"rubygems","PackageName":"cucumber-ruby","PackageOwner":"cucumber","Downloads":"0","Forks":"1110","Stars":"5057","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"HTML Injection","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1148","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"cucumber-ruby","Owner":"cucumber"},"FixSubmissionCount":0},{"ID":"1-rubygems-dragonfly","Registry":"rubygems","PackageName":"dragonfly","PackageOwner":"markevans","Downloads":"2101","Forks":"234","Stars":"2112","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Arbitrary Command Execution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-02-21","PrNumber":"","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"dragonfly","Owner":"markevans"},"FixSubmissionCount":0},{"ID":"1-rubygems-em-imap","Registry":"rubygems","PackageName":"em-imap","PackageOwner":"ConradIrwin","Downloads":"31","Forks":"30","Stars":"69","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Man-in-the-Middle","Severity":"8.2","AffectedVersionRange":"*","DisclosureDate":"2020-05-27","PrNumber":"1149","Live":false,"Bounty":{"Credit":"820","Cash":"40"},"Repository":{"Name":"em-imap","Owner":"ConradIrwin"},"FixSubmissionCount":0},{"ID":"1-rubygems-erubis","Registry":"rubygems","PackageName":"erubis","PackageOwner":"kwatch","Downloads":"383422","Forks":"68","Stars":"58","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"4.2","AffectedVersionRange":"*","DisclosureDate":"2020-02-01","PrNumber":"","Live":false,"Bounty":{"Credit":"420","Cash":"40"},"Repository":{"Name":"erubis","Owner":"kwatch"},"FixSubmissionCount":0},{"ID":"1-rubygems-goliath","Registry":"rubygems","PackageName":"goliath","PackageOwner":"postrank-labs","Downloads":"118","Forks":"231","Stars":"2463","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"HTTP Request Smuggling","Severity":"5.9","AffectedVersionRange":"*","DisclosureDate":"2020-06-09","PrNumber":"1150","Live":true,"Bounty":{"Credit":"590","Cash":"40"},"Repository":{"Name":"goliath","Owner":"postrank-labs"},"FixSubmissionCount":0},{"ID":"1-rubygems-parsel","Registry":"rubygems","PackageName":"parsel","PackageOwner":"fnando","Downloads":"12","Forks":"17","Stars":"6","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Insecure Encryption","Severity":"7","AffectedVersionRange":"*","DisclosureDate":"2020-02-01","PrNumber":"","Live":false,"Bounty":{"Credit":"700","Cash":"40"},"Repository":{"Name":"parsel-rb","Owner":"fnando"},"FixSubmissionCount":0},{"ID":"1-rubygems-radiant","Registry":"rubygems","PackageName":"radiant","PackageOwner":"radiant","Downloads":"27","Forks":"364","Stars":"1683","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.4","AffectedVersionRange":"*","DisclosureDate":"2020-02-13","PrNumber":"1151","Live":true,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"radiant","Owner":"radiant"},"FixSubmissionCount":0},{"ID":"1-rubygems-spree","Registry":"rubygems","PackageName":"spree","PackageOwner":"spree","Downloads":"409","Forks":"4663","Stars":"11063","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Lack of Rate Limiting","Severity":"5.3","AffectedVersionRange":"4.1.9","DisclosureDate":"2020-09-17","PrNumber":"1152","Live":true,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"spree","Owner":"spree"},"FixSubmissionCount":0},{"ID":"2-rubygems-spree","Registry":"rubygems","PackageName":"spree","PackageOwner":"spree","Downloads":"409","Forks":"480","Stars":"124","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Username Enumeration","Severity":"4.3","AffectedVersionRange":"<4.1.10","DisclosureDate":"2020-09-17","PrNumber":"1153","Live":true,"Bounty":{"Credit":"430","Cash":"40"},"Repository":{"Name":"spree_auth_devise","Owner":"spree"},"FixSubmissionCount":0},{"ID":"1-rubygems-webbynode","Registry":"rubygems","PackageName":"webbynode","PackageOwner":"webbynode","Downloads":"8","Forks":"12","Stars":"42","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"Ruby","VulnerabilityDescription":"Arbitrary Command Execution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-04","PrNumber":"1154","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"webbynode","Owner":"webbynode"},"FixSubmissionCount":0},{"ID":"1-npm-%40ant-design%2Fcharts","Registry":"npm","PackageName":"@ant-design/charts","PackageOwner":"ant-design","Downloads":"8834","Forks":"78","Stars":"444","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-17","PrNumber":"1217","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"ant-design-charts","Owner":"ant-design"},"FixSubmissionCount":0},{"ID":"1-npm-%40antv%2Fg2","Registry":"npm","PackageName":"@antv/g2","PackageOwner":"antvis","Downloads":"53584","Forks":"1085","Stars":"10475","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1333","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"G2","Owner":"antvis"},"FixSubmissionCount":1},{"ID":"1-npm-%40aofl%2Fobject-utils","Registry":"npm","PackageName":"@aofl/object-utils","PackageOwner":"AgeOfLearning","Downloads":"162","Forks":"9","Stars":"25","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1521","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"aofl","Owner":"AgeOfLearning"},"FixSubmissionCount":1},{"ID":"1-npm-%40auto-it%2Fbrew","Registry":"npm","PackageName":"@auto-it/brew","PackageOwner":"intuit","Downloads":"929","Forks":"111","Stars":"1028","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Remote Code Execution","Severity":"6.3","AffectedVersionRange":"*","DisclosureDate":"2020-06-01","PrNumber":"1155","Live":false,"Bounty":{"Credit":"630","Cash":"40"},"Repository":{"Name":"auto","Owner":"intuit"},"FixSubmissionCount":0},{"ID":"1-npm-%40blakek%2Fdeep","Registry":"npm","PackageName":"@blakek/deep","PackageOwner":"blakek","Downloads":"178","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1436","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep","Owner":"blakek"},"FixSubmissionCount":2},{"ID":"1-npm-%40borderlesslabs%2Fassign","Registry":"npm","PackageName":"@borderlesslabs/assign","PackageOwner":"BorderlessLabs","Downloads":"46","Forks":"3","Stars":"5","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-09","PrNumber":"1832","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"assign","Owner":"BorderlessLabs"},"FixSubmissionCount":2},{"ID":"1-npm-%40brikcss%2Fmerge","Registry":"npm","PackageName":"@brikcss/merge","PackageOwner":"brikcss","Downloads":"7","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-19","PrNumber":"1417","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"merge","Owner":"brikcss"},"FixSubmissionCount":0},{"ID":"1-npm-%40carbon%2Fcharts-angular","Registry":"npm","PackageName":"@carbon/charts-angular","PackageOwner":"carbon-design-system","Downloads":"11345","Forks":"99","Stars":"265","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1220","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"carbon-charts","Owner":"carbon-design-system"},"FixSubmissionCount":0},{"ID":"1-npm-%40common-utilities%2Fmerge-objects","Registry":"npm","PackageName":"@common-utilities/merge-objects","PackageOwner":"yowainwright","Downloads":"0","Forks":"2","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-12-21","PrNumber":"1420","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"common-utilities","Owner":"yowainwright"},"FixSubmissionCount":2},{"ID":"1-npm-%40dotvirus%2Fptree","Registry":"npm","PackageName":"@dotvirus/ptree","PackageOwner":"dotvirus","Downloads":"0","Forks":"3","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-28","PrNumber":"1800","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"ptree","Owner":"dotvirus"},"FixSubmissionCount":2},{"ID":"1-npm-%40fav%2Fprop.assign-deep","Registry":"npm","PackageName":"@fav/prop.assign-deep","PackageOwner":"sttk","Downloads":"5","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-12","PrNumber":"1874","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"fav-prop.assign-deep","Owner":"sttk"},"FixSubmissionCount":1},{"ID":"1-npm-%40fav%2Fprop.set-deep","Registry":"npm","PackageName":"@fav/prop.set-deep","PackageOwner":"sttk","Downloads":"55","Forks":"2","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-07","PrNumber":"1853","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"fav-prop.set-deep","Owner":"sttk"},"FixSubmissionCount":2},{"ID":"1-npm-%40feizheng%2Fnext-object-operator","Registry":"npm","PackageName":"@feizheng/next-object-operator","PackageOwner":"afeiship","Downloads":"16","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1501","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"next-object-operator","Owner":"afeiship"},"FixSubmissionCount":1},{"ID":"1-npm-%40generates%2Fmerger","Registry":"npm","PackageName":"@generates/merger","PackageOwner":"generates","Downloads":"1986","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-28","PrNumber":"1156","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"generates","Owner":"generates"},"FixSubmissionCount":0},{"ID":"1-npm-%40hapi%2Fhoek","Registry":"npm","PackageName":"@hapi/hoek","PackageOwner":"hapijs","Downloads":"7615796","Forks":"165","Stars":"469","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-15","PrNumber":"1157","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"hoek","Owner":"hapijs"},"FixSubmissionCount":0},{"ID":"1-npm-%40ianwalter%2Fdot","Registry":"npm","PackageName":"@ianwalter/dot","PackageOwner":"ianwalter","Downloads":"1288","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-30","PrNumber":"1158","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"dot","Owner":"ianwalter"},"FixSubmissionCount":0},{"ID":"1-npm-%40indlekofer%2Fobject_set","Registry":"npm","PackageName":"@indlekofer/object_set","PackageOwner":"indlekofer","Downloads":"1","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1560","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object_set","Owner":"indlekofer"},"FixSubmissionCount":1},{"ID":"1-npm-%40intrnl%2Fdotprop","Registry":"npm","PackageName":"@intrnl/dotprop","PackageOwner":"intrnl","Downloads":"0","Forks":"4","Stars":"4","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1508","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"dotprop","Owner":"intrnl"},"FixSubmissionCount":2},{"ID":"1-npm-%40jswork%2Fnext","Registry":"npm","PackageName":"@jswork/next","PackageOwner":"afeiship","Downloads":"60","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2021-02-06","PrNumber":"1850","Live":true,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"next","Owner":"afeiship"},"FixSubmissionCount":2},{"ID":"1-npm-%40jswork%2Fnext-deep-assign","Registry":"npm","PackageName":"@jswork/next-deep-assign","PackageOwner":"afeiship","Downloads":"58","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1692","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"next-deep-assign","Owner":"afeiship"},"FixSubmissionCount":1},{"ID":"1-npm-%40liqd-js%2Falg-object-merge","Registry":"npm","PackageName":"@liqd-js/alg-object-merge","PackageOwner":"liqd-js","Downloads":"0","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-19","PrNumber":"1419","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"alg-object-merge","Owner":"liqd-js"},"FixSubmissionCount":0},{"ID":"1-npm-%40livelybone%2Fcopy","Registry":"npm","PackageName":"@livelybone/copy","PackageOwner":"livelybone","Downloads":"659","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-27","PrNumber":"1159","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"copy","Owner":"livelybone"},"FixSubmissionCount":0},{"ID":"1-npm-%40lyngs%2Fdigger","Registry":"npm","PackageName":"@lyngs/digger","PackageOwner":"ShookLyngs","Downloads":"6","Forks":"2","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1459","Live":false,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"digger","Owner":"ShookLyngs"},"FixSubmissionCount":1},{"ID":"1-npm-%40lyngs%2Fmerge","Registry":"npm","PackageName":"@lyngs/merge","PackageOwner":"ShookLyngs","Downloads":"0","Forks":"7","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"7.3","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1454","Live":true,"Bounty":{"Credit":"730","Cash":"40"},"Repository":{"Name":"merge","Owner":"ShookLyngs"},"FixSubmissionCount":1},{"ID":"1-npm-%40marcopeg%2Fdotted","Registry":"npm","PackageName":"@marcopeg/dotted","PackageOwner":"marcopeg","Downloads":"99","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-07","PrNumber":"1465","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"npm-packages","Owner":"marcopeg"},"FixSubmissionCount":1},{"ID":"1-npm-%40material-ui%2Futils","Registry":"npm","PackageName":"@material-ui/utils","PackageOwner":"mui-org","Downloads":"1897354","Forks":"20472","Stars":"65200","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"4.11.0","DisclosureDate":"2020-09-14","PrNumber":"1160","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"material-ui","Owner":"mui-org"},"FixSubmissionCount":0},{"ID":"1-npm-%40monabbous%2Funflatter","Registry":"npm","PackageName":"@monabbous/unflatter","PackageOwner":"monabbous","Downloads":"0","Forks":"3","Stars":"1","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2020-10-30","PrNumber":"1161","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"unflatter","Owner":"monabbous"},"FixSubmissionCount":0},{"ID":"1-npm-%40sugo%2Fwkhtmltopdf","Registry":"npm","PackageName":"@sugo/wkhtmltopdf","PackageOwner":"sugojs","Downloads":"145","Forks":"4","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Remote Code Execution","Severity":"3.1","AffectedVersionRange":"*","DisclosureDate":"2020-05-02","PrNumber":"1162","Live":false,"Bounty":{"Credit":"310","Cash":"40"},"Repository":{"Name":"sugo-wkhtmltopdf","Owner":"sugojs"},"FixSubmissionCount":0},{"ID":"1-npm-%40syncfusion%2Fej2-base","Registry":"npm","PackageName":"@syncfusion/ej2-base","PackageOwner":"syncfusion","Downloads":"57843","Forks":"89","Stars":"250","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2021-02-11","PrNumber":"1775","Live":true,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"ej2-javascript-ui-controls","Owner":"syncfusion"},"FixSubmissionCount":0},{"ID":"1-npm-%40szydlovski%2Fdeep-object","Registry":"npm","PackageName":"@szydlovski/deep-object","PackageOwner":"szydlovski","Downloads":"5","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-06","PrNumber":"1435","Live":true,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"deep-object","Owner":"szydlovski"},"FixSubmissionCount":1},{"ID":"1-npm-%40thi.ng%2Fpaths","Registry":"npm","PackageName":"@thi.ng/paths","PackageOwner":"thi-ng","Downloads":"539","Forks":"76","Stars":"1744","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-26","PrNumber":"1785","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"umbrella","Owner":"thi-ng"},"FixSubmissionCount":1},{"ID":"1-npm-%40util-funcs%2Fobject-set","Registry":"npm","PackageName":"@util-funcs/object-set","PackageOwner":"util-funcs","Downloads":"2","Forks":"3","Stars":"0","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"TypeScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1557","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"object-set","Owner":"util-funcs"},"FixSubmissionCount":2},{"ID":"1-npm-%40websanova%2Fvue-dot","Registry":"npm","PackageName":"@websanova/vue-dot","PackageOwner":"websanova","Downloads":"18","Forks":"5","Stars":"2","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Prototype Pollution","Severity":"5.6","AffectedVersionRange":"*","DisclosureDate":"2021-01-10","PrNumber":"1561","Live":false,"Bounty":{"Credit":"560","Cash":"40"},"Repository":{"Name":"vue-dot","Owner":"websanova"},"FixSubmissionCount":1},{"ID":"1-npm-pm2-deploy","Registry":"npm","PackageName":"pm2-deploy","PackageOwner":"Unitech","Downloads":"765406","Forks":"66","Stars":"163","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Remote Code Execution","Severity":"6.7","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1239","Live":true,"Bounty":{"Credit":"670","Cash":"40"},"Repository":{"Name":"pm2-deploy","Owner":"Unitech"},"FixSubmissionCount":1},{"ID":"1-other-thirtybees%2Fthirtybees","Registry":"other","PackageName":"thirtybees/thirtybees","PackageOwner":"thirtybees","Downloads":"0","Forks":"239","Stars":"578","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1258","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"thirtybees","Owner":"thirtybees"},"FixSubmissionCount":0},{"ID":"1-packagist-asymmetricrypt%2Fasymmetricrypt","Registry":"packagist","PackageName":"asymmetricrypt/asymmetricrypt","PackageOwner":"Cosmicist","Downloads":"0","Forks":"4","Stars":"10","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Insecure Encryption","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1163","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"AsymmetriCrypt","Owner":"Cosmicist"},"FixSubmissionCount":0},{"ID":"1-packagist-centreon%2Fcentreon","Registry":"packagist","PackageName":"centreon/centreon","PackageOwner":"centreon","Downloads":"35","Forks":"242","Stars":"456","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Improper Privilege Management","Severity":"7.2","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1164","Live":false,"Bounty":{"Credit":"720","Cash":"40"},"Repository":{"Name":"centreon","Owner":"centreon"},"FixSubmissionCount":0},{"ID":"1-packagist-codiad%2Fcodiad","Registry":"packagist","PackageName":"codiad/codiad","PackageOwner":"Codiad","Downloads":"0","Forks":"698","Stars":"2736","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Arbitrary Code Execution","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1165","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"Codiad","Owner":"Codiad"},"FixSubmissionCount":0},{"ID":"1-packagist-cosenary%2Finstagram","Registry":"packagist","PackageName":"cosenary/instagram","PackageOwner":"cosenary","Downloads":"1190","Forks":"830","Stars":"1422","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1166","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"Instagram-PHP-API","Owner":"cosenary"},"FixSubmissionCount":0},{"ID":"1-packagist-desperado%2Fxml-bundle","Registry":"packagist","PackageName":"desperado/xml-bundle","PackageOwner":"pravednik","Downloads":"504","Forks":"13","Stars":"10","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Denial of Service (DoS)","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1167","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"xmlBundle","Owner":"pravednik"},"FixSubmissionCount":0},{"ID":"1-packagist-dolibarr%2Fdolibarr","Registry":"packagist","PackageName":"dolibarr/dolibarr","PackageOwner":"Dolibarr","Downloads":"14","Forks":"1629","Stars":"2317","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.3","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1168","Live":false,"Bounty":{"Credit":"830","Cash":"40"},"Repository":{"Name":"dolibarr","Owner":"Dolibarr"},"FixSubmissionCount":0},{"ID":"2-packagist-dolibarr%2Fdolibarr","Registry":"packagist","PackageName":"dolibarr/dolibarr","PackageOwner":"Dolibarr","Downloads":"14","Forks":"1629","Stars":"2317","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"3.3","AffectedVersionRange":"*","DisclosureDate":"2020-07-30","PrNumber":"1169","Live":false,"Bounty":{"Credit":"330","Cash":"40"},"Repository":{"Name":"dolibarr","Owner":"Dolibarr"},"FixSubmissionCount":0},{"ID":"3-packagist-dolibarr%2Fdolibarr","Registry":"packagist","PackageName":"dolibarr/dolibarr","PackageOwner":"Dolibarr","Downloads":"14","Forks":"1629","Stars":"2317","PackageVulnerabilityID":"3","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"3.7","AffectedVersionRange":"*","DisclosureDate":"2020-09-09","PrNumber":"1170","Live":false,"Bounty":{"Credit":"370","Cash":"40"},"Repository":{"Name":"dolibarr","Owner":"Dolibarr"},"FixSubmissionCount":0},{"ID":"4-packagist-dolibarr%2Fdolibarr","Registry":"packagist","PackageName":"dolibarr/dolibarr","PackageOwner":"Dolibarr","Downloads":"14","Forks":"1629","Stars":"2317","PackageVulnerabilityID":"4","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"HTML Injection","Severity":"4.3","AffectedVersionRange":"13.0.0-alpha","DisclosureDate":"2020-09-24","PrNumber":"1171","Live":false,"Bounty":{"Credit":"430","Cash":"40"},"Repository":{"Name":"dolibarr","Owner":"Dolibarr"},"FixSubmissionCount":0},{"ID":"5-packagist-dolibarr%2Fdolibarr","Registry":"packagist","PackageName":"dolibarr/dolibarr","PackageOwner":"Dolibarr","Downloads":"14","Forks":"1629","Stars":"2317","PackageVulnerabilityID":"5","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Reflected Cross-site Scripting (XSS)","Severity":"5.4","AffectedVersionRange":"13.0.0-alpha","DisclosureDate":"2020-09-27","PrNumber":"1172","Live":false,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"dolibarr","Owner":"Dolibarr"},"FixSubmissionCount":0},{"ID":"6-packagist-dolibarr%2Fdolibarr","Registry":"packagist","PackageName":"dolibarr/dolibarr","PackageOwner":"Dolibarr","Downloads":"14","Forks":"1629","Stars":"2317","PackageVulnerabilityID":"6","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.7","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"","Live":false,"Bounty":{"Credit":"570","Cash":"40"},"Repository":{"Name":"dolibarr","Owner":"Dolibarr"},"FixSubmissionCount":0},{"ID":"1-packagist-hotarucms%2Fhotarucms","Registry":"packagist","PackageName":"hotarucms/hotarucms","PackageOwner":"HotaruCMS","Downloads":"0","Forks":"17","Stars":"41","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"9.8","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1173","Live":false,"Bounty":{"Credit":"980","Cash":"40"},"Repository":{"Name":"HotaruCMS","Owner":"HotaruCMS"},"FixSubmissionCount":0},{"ID":"1-packagist-intervention%2Fimage","Registry":"packagist","PackageName":"intervention/image","PackageOwner":"Intervention","Downloads":"233800","Forks":"1287","Stars":"11636","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Relative Path Traversal","Severity":"6.1","AffectedVersionRange":"2.x","DisclosureDate":"2020-11-16","PrNumber":"880","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"image","Owner":"Intervention"},"FixSubmissionCount":0},{"ID":"2-packagist-intervention%2Fimage","Registry":"packagist","PackageName":"intervention/image","PackageOwner":"Intervention","Downloads":"233800","Forks":"1287","Stars":"11636","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"3.3","AffectedVersionRange":"2.x","DisclosureDate":"2020-11-16","PrNumber":"881","Live":false,"Bounty":{"Credit":"330","Cash":"40"},"Repository":{"Name":"image","Owner":"Intervention"},"FixSubmissionCount":0},{"ID":"1-packagist-jsdecena%2Flaracom","Registry":"packagist","PackageName":"jsdecena/laracom","PackageOwner":"jsdecena","Downloads":"0","Forks":"760","Stars":"1402","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"4.7","AffectedVersionRange":"*","DisclosureDate":"2020-09-13","PrNumber":"1174","Live":false,"Bounty":{"Credit":"470","Cash":"40"},"Repository":{"Name":"laracom","Owner":"jsdecena"},"FixSubmissionCount":0},{"ID":"1-packagist-lavalite%2Fcms","Registry":"packagist","PackageName":"lavalite/cms","PackageOwner":"LavaLite","Downloads":"140","Forks":"794","Stars":"2162","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"5.4","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1175","Live":true,"Bounty":{"Credit":"540","Cash":"40"},"Repository":{"Name":"cms","Owner":"LavaLite"},"FixSubmissionCount":0},{"ID":"2-packagist-lavalite%2Fcms","Registry":"packagist","PackageName":"lavalite/cms","PackageOwner":"LavaLite","Downloads":"140","Forks":"794","Stars":"2162","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Lack of Rate Limiting","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-14","PrNumber":"1176","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"cms","Owner":"LavaLite"},"FixSubmissionCount":0},{"ID":"3-packagist-lavalite%2Fcms","Registry":"packagist","PackageName":"lavalite/cms","PackageOwner":"lavalite","Downloads":"140","Forks":"794","Stars":"2162","PackageVulnerabilityID":"3","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"7.6","AffectedVersionRange":"*","DisclosureDate":"2020-09-19","PrNumber":"1177","Live":false,"Bounty":{"Credit":"760","Cash":"40"},"Repository":{"Name":"cms","Owner":"lavalite"},"FixSubmissionCount":0},{"ID":"1-packagist-mautic%2Fcore","Registry":"packagist","PackageName":"mautic/core","PackageOwner":"mautic","Downloads":"0","Forks":"1587","Stars":"4354","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Username Enumeration","Severity":"4.7","AffectedVersionRange":"*","DisclosureDate":"2020-09-13","PrNumber":"1178","Live":false,"Bounty":{"Credit":"470","Cash":"40"},"Repository":{"Name":"mautic","Owner":"mautic"},"FixSubmissionCount":0},{"ID":"1-packagist-microweber%2Fmicroweber","Registry":"packagist","PackageName":"microweber/microweber","PackageOwner":"microweber","Downloads":"7","Forks":"594","Stars":"1895","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Arbitrary File Upload","Severity":"7.8","AffectedVersionRange":"*","DisclosureDate":"2020-10-16","PrNumber":"1179","Live":false,"Bounty":{"Credit":"780","Cash":"40"},"Repository":{"Name":"microweber","Owner":"microweber"},"FixSubmissionCount":0},{"ID":"1-packagist-nilsteampassnet%2Fteampass","Registry":"packagist","PackageName":"nilsteampassnet/teampass","PackageOwner":"nilsteampassnet","Downloads":"0","Forks":"448","Stars":"1328","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Unauthorized File Access","Severity":"7.5","AffectedVersionRange":"*","DisclosureDate":"2020-04-29","PrNumber":"1180","Live":false,"Bounty":{"Credit":"750","Cash":"40"},"Repository":{"Name":"TeamPass","Owner":"nilsteampassnet"},"FixSubmissionCount":0},{"ID":"1-packagist-october%2Foctober","Registry":"packagist","PackageName":"october/october","PackageOwner":"octobercms","Downloads":"651","Forks":"176","Stars":"139","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Username Enumeration","Severity":"1.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-29","PrNumber":"1181","Live":false,"Bounty":{"Credit":"150","Cash":"40"},"Repository":{"Name":"library","Owner":"octobercms"},"FixSubmissionCount":0},{"ID":"1-packagist-opencart%2Fopencart","Registry":"packagist","PackageName":"opencart/opencart","PackageOwner":"opencart","Downloads":"28","Forks":"4293","Stars":"5941","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.7","AffectedVersionRange":"*","DisclosureDate":"2020-07-28","PrNumber":"1182","Live":true,"Bounty":{"Credit":"670","Cash":"40"},"Repository":{"Name":"opencart","Owner":"opencart"},"FixSubmissionCount":0},{"ID":"1-packagist-pagekit%2Fpagekit","Registry":"packagist","PackageName":"pagekit/pagekit","PackageOwner":"pagekit","Downloads":"0","Forks":"657","Stars":"5410","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"User Enumeration","Severity":"4.8","AffectedVersionRange":"*","DisclosureDate":"2020-07-20","PrNumber":"1183","Live":false,"Bounty":{"Credit":"480","Cash":"40"},"Repository":{"Name":"pagekit","Owner":"pagekit"},"FixSubmissionCount":0},{"ID":"1-packagist-phppgadmin%2Fphppgadmin","Registry":"packagist","PackageName":"phppgadmin/phppgadmin","PackageOwner":"phppgadmin","Downloads":"0","Forks":"200","Stars":"502","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Request Forgery (CSRF)","Severity":"6.3","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1184","Live":true,"Bounty":{"Credit":"630","Cash":"40"},"Repository":{"Name":"phppgadmin","Owner":"phppgadmin"},"FixSubmissionCount":0},{"ID":"1-packagist-pyrocms%2Fpyrocms","Registry":"packagist","PackageName":"pyrocms/pyrocms","PackageOwner":"pyrocms","Downloads":"84","Forks":"951","Stars":"3040","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Request Forgery (CSRF)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-10-16","PrNumber":"1185","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"pyrocms","Owner":"pyrocms"},"FixSubmissionCount":0},{"ID":"1-packagist-s-cart%2Fs-cart","Registry":"packagist","PackageName":"s-cart/s-cart","PackageOwner":"s-cart","Downloads":"0","Forks":"191","Stars":"273","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-23","PrNumber":"882","Live":true,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"s-cart","Owner":"s-cart"},"FixSubmissionCount":0},{"ID":"2-packagist-s-cart%2Fs-cart","Registry":"packagist","PackageName":"s-cart/s-cart","PackageOwner":"s-cart","Downloads":"0","Forks":"7","Stars":"7","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.1","AffectedVersionRange":"*","DisclosureDate":"2020-11-24","PrNumber":"1195","Live":false,"Bounty":{"Credit":"810","Cash":"40"},"Repository":{"Name":"core","Owner":"s-cart"},"FixSubmissionCount":0},{"ID":"1-packagist-sunhater%2Fkcfinder","Registry":"packagist","PackageName":"sunhater/kcfinder","PackageOwner":"sunhater","Downloads":"917","Forks":"205","Stars":"399","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.5","AffectedVersionRange":"*","DisclosureDate":"2020-08-10","PrNumber":"1186","Live":false,"Bounty":{"Credit":"650","Cash":"40"},"Repository":{"Name":"kcfinder","Owner":"sunhater"},"FixSubmissionCount":0},{"ID":"1-packagist-symphonycms%2Fsymphony-2","Registry":"packagist","PackageName":"symphonycms/symphony-2","PackageOwner":"symphonycms","Downloads":"0","Forks":"210","Stars":"542","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"8.5","AffectedVersionRange":"*","DisclosureDate":"2020-10-22","PrNumber":"1187","Live":true,"Bounty":{"Credit":"850","Cash":"40"},"Repository":{"Name":"symphonycms","Owner":"symphonycms"},"FixSubmissionCount":0},{"ID":"1-packagist-userfrosting%2Fuserfrosting","Registry":"packagist","PackageName":"userfrosting/userfrosting","PackageOwner":"userfrosting","Downloads":"511","Forks":"378","Stars":"1488","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Lack of Rate Limiting","Severity":"5.3","AffectedVersionRange":"*","DisclosureDate":"2020-09-03","PrNumber":"1188","Live":false,"Bounty":{"Credit":"530","Cash":"40"},"Repository":{"Name":"UserFrosting","Owner":"userfrosting"},"FixSubmissionCount":0},{"ID":"2-packagist-userfrosting%2Fuserfrosting","Registry":"packagist","PackageName":"userfrosting/userfrosting","PackageOwner":"userfrosting","Downloads":"511","Forks":"378","Stars":"1488","PackageVulnerabilityID":"2","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Session Fixation","Severity":"6.0","AffectedVersionRange":"*","DisclosureDate":"2020-09-03","PrNumber":"1189","Live":false,"Bounty":{"Credit":"600","Cash":"40"},"Repository":{"Name":"UserFrosting","Owner":"userfrosting"},"FixSubmissionCount":0},{"ID":"3-packagist-userfrosting%2Fuserfrosting","Registry":"packagist","PackageName":"userfrosting/userfrosting","PackageOwner":"userfrosting","Downloads":"511","Forks":"378","Stars":"1488","PackageVulnerabilityID":"3","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"E-mail Verification Bypass","Severity":"7.0","AffectedVersionRange":"*","DisclosureDate":"2020-09-03","PrNumber":"1190","Live":false,"Bounty":{"Credit":"700","Cash":"40"},"Repository":{"Name":"UserFrosting","Owner":"userfrosting"},"FixSubmissionCount":0},{"ID":"1-packagist-villagedefrance%2Fopencart-overclocked","Registry":"packagist","PackageName":"villagedefrance/opencart-overclocked","PackageOwner":"villagedefrance","Downloads":"0","Forks":"21","Stars":"28","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"PHP","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.1","AffectedVersionRange":"*","DisclosureDate":"2020-08-04","PrNumber":"1191","Live":false,"Bounty":{"Credit":"610","Cash":"40"},"Repository":{"Name":"OpenCart-Overclocked","Owner":"villagedefrance"},"FixSubmissionCount":0},{"ID":"1-packagist-yidashi%2Fyii2cmf","Registry":"packagist","PackageName":"yidashi/yii2cmf","PackageOwner":"yidashi","Downloads":"0","Forks":"148","Stars":"253","PackageVulnerabilityID":"1","CodebasePrimaryLanguage":"JavaScript","VulnerabilityDescription":"Cross-site Scripting (XSS)","Severity":"6.9","AffectedVersionRange":"*","DisclosureDate":"2020-08-17","PrNumber":"1192","Live":false,"Bounty":{"Credit":"690","Cash":"40"},"Repository":{"Name":"yii2cmf","Owner":"yidashi"},"FixSubmissionCount":0}]