Repos / c3u0__C2XAI / Security

Security: C2Xai

15
Vulnerabilities
32
Credential Leaks

AI Fix Prompts

Auto-generated prompts to fix every issue — copy into Claude, GPT, or any AI coder

View AI Prompts

Vulnerabilities (15)

Same analyzer free for public repos: https://repobility.com
SeverityIDPackageVersionSummary
criticalCVE-2025-62718axios1.13.5Axios is a promise based HTTP client for the browser and Node.js. Prio ...
criticalGHSA-3p68-rc4w-qgx5axios1.13.5
criticalGHSA-fvcv-3m26-pcqxaxios1.13.5
criticalCVE-2026-40175axios1.13.5Axios is a promise based HTTP client for the browser and Node.js. Prio ...
highCVE-2026-39364vite7.1.11vite: Vite: Information disclosure via query parameter manipulation on the development server
highCVE-2026-31812quinn-proto0.11.13quinn-proto: quinn-proto: Denial of Service via crafted QUIC Initial packet
highGHSA-v2wj-q39q-566rvite7.1.11
highGHSA-p9ff-h696-f583vite7.1.11
highGHSA-6xvm-j4wr-6v98quinn-proto0.11.13
highGHSA-cxww-7g56-2vh6actions/download-artifactv4
highGHSA-q4gf-8mx6-v5v3next16.2.2Next.js has a Denial of Service with Server Components
highCVE-2026-39363vite7.1.11Vite: Vite: Information disclosure via WebSocket connection bypasses access control
mediumCVE-2026-39365vite7.1.11vite: Vite: Information disclosure via path traversal in dev server's .map request handling
mediumGHSA-wrw7-89jp-8q8gglib0.18.5Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter`
mediumGHSA-4w7w-66w2-5vf9vite7.1.11

Credential Findings (32)

Generated by the Repobility scanner · https://repobility.com
SeverityPatternFileLine
criticalVault Tokenlib/utils/file-transform-utils.ts111
criticalVault Tokenlib/rate-limit/refund.ts28
criticalVault Tokenlib/rate-limit/refund.ts35
criticalVault Tokenlib/rate-limit/refund.ts56
criticalVault Tokenlib/usage-tracker.ts48
criticalVault Tokenapp/components/MessagePartHandler.tsx91
criticalVault Tokenapp/components/MessagePartHandler.tsx92
criticalVault Tokenapp/components/extra-usage/BuyExtraUsageDialog.tsx63
criticalVault Tokenapp/hooks/useChatHandlers.ts81
criticalVault Tokenapp/hooks/useChatHandlers.ts85
criticalVault Tokenapp/hooks/useChatHandlers.ts91
criticalVault Tokenapp/hooks/useFileUpload.ts45
criticalVault Tokenconvex/extraUsage.ts596
criticalVault Tokenconvex/extraUsage.ts597
criticalVault Tokenconvex/extraUsage.ts609
criticalVault Tokenconvex/extraUsage.ts610
criticalVault Tokenconvex/extraUsage.ts624
criticalVault Tokenconvex/extraUsage.ts625
criticalVault Tokenconvex/extraUsage.ts648
criticalVault Tokenconvex/extraUsage.ts650
criticalVault Tokene2e/page-objects/UpgradeDialog.ts102
criticalVault Tokene2e/page-objects/UpgradeDialog.ts106
criticalVault Tokene2e/page-objects/UpgradeDialog.ts111
criticalJWT Secret Keylib/ai/tools/utils/hybrid-sandbox-manager.ts278
criticalVault Tokenlib/db/actions.ts283
criticalVault Tokenlib/db/actions.ts637
criticalVault Tokenlib/db/actions.ts652
criticalVault Tokenlib/db/actions.ts776
high[sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URLapp/components/AllFilesDialog.tsx297
high[sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URLapp/components/FilePartRenderer.tsx174
high[sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URLapp/components/FilePartRenderer.tsx224
high[sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URLapp/components/AllFilesDialog.tsx51

Export

SARIF SBOM (CycloneDX) SBOM (SPDX) Vulns CSV Generate AI Fix Prompts (5)