OsVault/npm/liquidjs
npm

liquidjs

8 known vulnerabilities · 0 critical · 0 high

GHSA-4rc3-7j7w-m548

liquidjs has a Denial of Service via circular block reference in layout

Published Apr 24, 2026
CVE-2026-33287

LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

Published Mar 25, 2026
GHSA-56p5-8mhr-2fph

LiquidJS: Root restriction bypass for partial and layout loading through symlinked templates

Published Apr 8, 2026
GHSA-v273-448j-v4qj

LiquidJS: `renderFile()` / `parseFile()` bypass configured `root` and allow arbitrary file read

Published Apr 8, 2026
GHSA-mmg9-6m6j-jqqx

LiquidJS Has Memory Limit Bypass via Quadratic Amplification in `replace` Filter

Published Apr 8, 2026
CVE-2026-30952

liquidjs has a path traversal fallback vulnerability

Published Mar 10, 2026
CVE-2026-33285

LiquidJS: memoryLimit Bypass through Negative Range Values Leads to Process Crash

Published Mar 25, 2026
GHSA-rv5g-f82m-qrvv

LiquidJS: ownPropertyOnly bypass via sort_natural filter — prototype property information disclosure through sorting side-channel

Published Apr 8, 2026
Check your entire dependency tree at onceRun dependency scan →