Search for packages
| purl | pkg:npm/forms@1.1.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-rd5u-wwsc-3udk
Aliases: CVE-2021-23388 GHSA-c56f-grv3-gpfr |
The forms package is vulnerable to Regular Expression Denial of Service (ReDoS) via email validation. |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-swpf-a5wf-1ub1
Aliases: CVE-2017-16015 GHSA-vwjj-2852-3765 |
Cross-site Scripting The forms package does not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to XSS. |
Affected by 1 other vulnerability. |
|
VCID-xc19-xkkh-9ucs
Aliases: GMS-2017-125 |
XSS Vulnerability Forms did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T23:16:11.682284+00:00 | GHSA Importer | Affected by | VCID-swpf-a5wf-1ub1 | https://github.com/advisories/GHSA-vwjj-2852-3765 | 38.6.0 |
| 2026-06-06T00:43:25.615970+00:00 | GitLab Importer | Affected by | VCID-rd5u-wwsc-3udk | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/forms/CVE-2021-23388.yml | 38.6.0 |
| 2026-06-04T20:12:32.809941+00:00 | GitLab Importer | Affected by | VCID-swpf-a5wf-1ub1 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/forms/CVE-2017-16015.yml | 38.6.0 |
| 2026-06-04T20:07:45.858209+00:00 | GitLab Importer | Affected by | VCID-xc19-xkkh-9ucs | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/forms/GMS-2017-125.yml | 38.6.0 |