diff
19 known vulnerabilities · 2 critical · 2 high
jsdiff has a Denial of Service vulnerability in parsePatch and applyPatch
Regular Expression Denial of Service (ReDoS)
Malicious code in argocd-diff-action (npm)
Malicious code in rediff-viewer (npm)
OpenClaw: system.run approval identity mismatch could execute a different binary than displayed
Malicious code in updated-object-diff (npm)
Malicious code in diff-dom-2 (npm)
Duplicate Advisory: OpenClaw: system.run approval identity mismatch could execute a different binary than displayed
Samlify vulnerable to Authentication Bypass by allowing tokens to be reused with different usernames
fast-jwt: Cache Confusion via cacheKeyBuilder Collisions Can Return Claims From a Different Token (Identity/Authorization Mixup)
Malicious code in dom-diff-exporter (npm)
Malicious code in @amber-team/report-bundle-diff (npm)
jsondiffpatch is vulnerable to Cross-site Scripting (XSS) via HtmlFormatter::nodeBegin
OpenClaw: diffs viewer misclassifies proxied remote requests as loopback when `allowRemoteViewer` is disabled
Malicious code in @asyncapi/diff (npm)
Malicious code in rediff (npm)