StimulusReflex versions 3.5.0 up to and including 3.5.0.rc2 and 3.5.0.pre10 suffer from an arbitrary code execution vulnerability.
9e5263d5183618a2c41a25b126b245bfa777329a2f535120971b95cdc71f0486
TypeORM versions prior to 0.3.0 suffer from a remote SQL injection vulnerability in the findOne function.
fd166627536e61322f676b3adf3875427b5eb32b7305d966ceefdc69b93b2f39