Vulnerability Scanner for Node.js | GeekWala
Loading...
Skip to main content
GeekWala
JavaScript/TypeScript

Vulnerability Scanner for Node.js

The world's largest software registry with over 2 million packages. npm is the default package manager for Node.js.

Scan Your npm ProjectCreate Free Account
27
Total Vulnerabilities
2
Critical
36
High Severity
3
Last 30 Days

How to Scan npm Projects

GeekWala supports the following JavaScript/TypeScript dependency files

Supported Files

  • package-lock.json
  • yarn.lock
  • pnpm-lock.yaml

Scan Methods

  • Upload your lockfile
  • Paste file contents
  • Import from GitHub

What You Get

  • Vulnerability details
  • Fixed versions
  • Severity scores

Recent npm Vulnerabilities

Latest security issues affecting JavaScript/TypeScript packages

CRITICAL
GHSA-xvch-5gv4-984h
Prototype Pollution in minimist...
HIGH
GHSA-83g3-92jg-28cx
Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in no...
HIGH
GHSA-43fc-jf86-j433
Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig...
HIGH
GHSA-34x7-hfp2-rc4v
node-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path Trave...
HIGH
GHSA-r6q2-hw4h-h46w
Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on ...
View all vulnerabilities

Most Affected npm Packages

Packages with the most known vulnerabilities

1
tar
10 vulns
2
axios
6 vulns
3
lodash
3 vulns
4
lodash-es
3 vulns
5
express
2 vulns
Browse all npm packages

Secure Your JavaScript/TypeScript Dependencies

Scan your package.json or lockfile against the OSV database. Get results in seconds with clear remediation guidance.

Scan Now - It's FreeRead the Docs
Data from OSV Database27+ npm vulnerabilities indexedUpdated daily