Security: feathersjs/feathers
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
Internal headers exposed via unencrypted session cookieGHSA-9m9c-vpv5-9g85 published
Feb 18, 2026 by dafflModerate -
Origin validation bypass via prefix matchingGHSA-mp4x-c34x-wv3x published
Feb 18, 2026 by dafflHigh -
Open redirect in OAuth callback enables account takeoverGHSA-ppf9-4ffw-hh4p published
Feb 18, 2026 by dafflHigh -
Socket handler allows abusing implicit toStringGHSA-hhr9-rh25-hvf9 published
Jul 19, 2023 by dafflHigh
Learn more about advisories related to feathersjs/feathers in the GitHub Advisory Database