Vulnerability Library

ID | Packages | Summary | Affected versions | Published | Fix
GHSA-x768-cvr2-345r
  • SwiftURL/github.com/swift-server/swift-prometheus
Un-sanitized metric name or labels can be used to take over exported metrics
  • 2.0.0-alpha.1
2024-03-29T19:05:26Z Fix available
GHSA-r6r4-5pr8-gjcp
  • SwiftURL/github.com/vapor/vapor
Vapor contains an integer overflow in URI leading to potential host spoofing
  • See details.
2024-01-03T21:44:35Z Fix available
GHSA-5844-q3fc-56rh
  • npm/pubnub
  • Maven/com.pubnub:pubnub-kotlin
  • Maven/com.pubnub:pubnub
  • Go/github.com/pubnub/go/v7
  • Go/github.com/pubnub/go
  • Go/github.com/pubnub/go/v6
  • Go/github.com/pubnub/go/v5
  • NuGet/Pubnub
  • SwiftURL/github.com/pubnub/swift
  • RubyGems/pubnub
  • crates.io/pubnub
  • Packagist/pubnub/pubnub
  • Pub/pubnub
  • PyPI/pubnub
pubnub Insufficient Entropy vulnerability
  • 4.0.0
  • 4.0.1
  • 5.0.0
  • 5.0.1
  • 5.0.2
  • 5.1.0
  • 5.1.1
  • ...
2023-12-06T06:30:20Z Fix available
GHSA-qppj-fm5r-hxr3
  • SwiftURL/github.com/apple/swift-nio-http2
  • Go/golang.org/x/net
  • Go/google.golang.org/grpc
  • Maven/org.apache.tomcat:tomcat
  • Maven/org.apache.tomcat.embed:tomcat-embed-core
  • Maven/org.eclipse.jetty.http2:http2-common
  • Maven/org.eclipse.jetty.http2:http2-server
  • Maven/org.eclipse.jetty.http2:jetty-http2-common
  • Maven/org.eclipse.jetty.http2:jetty-http2-server
  • Maven/com.typesafe.akka:akka-http-core
  • Maven/com.typesafe.akka:akka-http-core_2.13
  • Maven/com.typesafe.akka:akka-http-core_2.12
  • Maven/com.typesafe.akka:akka-http-core_2.11
HTTP/2 Stream Cancellation Attack
  • 11.0.0-M1
  • 11.0.0-M10
  • 11.0.0-M11
  • 11.0.0-M3
  • 11.0.0-M4
  • 11.0.0-M5
  • 11.0.0-M6
  • ...
2023-10-10T21:28:24Z Fix available
GHSA-3mwq-h3g6-ffhm
  • SwiftURL/github.com/vapor/vapor
Vapor's incorrect request error handling triggers server crash
  • See details.
2023-10-05T20:55:58Z Fix available
GHSA-c2cc-3569-6jh2
  • SwiftURL/github.com/weichsel/ZIPFoundation
Path traversal in ZIPFoundation
  • See details.
2023-08-31T00:30:17Z Fix available
GHSA-g454-wj9r-jpg4
  • SwiftURL/github.com/marmelroy/Zip
Path traversal in Zip Swift
  • See details.
2023-08-31T00:30:17Z No fix available
GHSA-vxvm-qww3-2fh7
  • Packagist/mongodb/mongodb
  • npm/mongodb
  • SwiftURL/github.com/mongodb/mongo-swift-driver
MongoDB Driver may publish events containing authentication-related data
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.0.4
  • 1.0.5
  • 1.1.0
  • ...
2023-08-29T18:31:53Z Fix available
GHSA-jq43-q8mx-r7mq
  • SwiftURL/github.com/migueldeicaza/SwiftTerm
SwiftTerm Code Injection vulnerability
  • See details.
2023-07-14T21:58:43Z Fix available
GHSA-r6ww-5963-7r95
  • SwiftURL/github.com/grpc/grpc-swift
Denial of Service via reachable assertion
  • See details.
2023-06-09T19:33:16Z Fix available
GHSA-q36x-r5x4-h4q6
  • SwiftURL/github.com/apple/swift-nio-http2
Denial of service via HTTP/2 HEADERS frames padding
  • See details.
2023-06-09T19:32:49Z Fix available
GHSA-rv3x-xq3r-8j9h
  • SwiftURL/github.com/vapor/leaf-kit
LeafKit allows XSS with untrusted user input
  • See details.
2023-06-09T19:32:32Z Fix available
GHSA-2jx2-qcm4-rf9h
  • SwiftURL/github.com/grpc/grpc-swift
Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodec
  • See details.
2023-06-09T19:32:18Z Fix available
GHSA-rxmj-hg9v-vp3p
  • SwiftURL/github.com/grpc/grpc-swift
Uncontrolled Resource Consumption in LengthPrefixedMessageReader
  • See details.
2023-06-09T19:32:11Z Fix available
GHSA-pqwh-c2f3-vxmq
  • SwiftURL/github.com/vapor/vapor
Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash
  • See details.
2023-06-09T19:31:54Z Fix available
GHSA-gcj9-jj38-hwmc
  • SwiftURL/github.com/vapor/vapor
Vapor's Metrics integration could cause a system drain
  • See details.
2023-06-09T19:31:47Z Fix available