Vulnerability Library

| ID | Packages | Summary | Affected versions | Published | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-2j6r-9vv4-6gf5 | Go/github.com/bincyber/go-sqlcrypter | github.com/bincyber/go-sqlcrypter vulnerable to IV collision | See details. | 2024-05-20T21:56:07Z | No fix available |
| GHSA-qjcv-rx3v-7mvj | Go/github.com/cosmos/ibc-go/v7, Go/github.com/cosmos/ibc-go/v6, Go/github.com/cosmos/ibc-go/v5, Go/github.com/cosmos/ibc-go/v4, Go/github.com/cosmos/ibc-go/v3, Go/github.com/cosmos/ibc-go/v2, Go/github.com/cosmos/ibc-go | github.com/cosmos/ibc-go affected by IBC protocol "Huckleberry" vulnerability | See details. | 2024-05-20T21:51:33Z | Fix available |
| GHSA-crgc-2583-rw27 | Go/github.com/stacklok/minder | Stacklok Minder vulnerable to denial of service from maliciously crafted templates | See details. | 2024-05-20T20:43:54Z | Fix available |
| GHSA-xcq4-m2r3-cmrj | Go/github.com/aquasecurity/trivy | Trivy possibly leaks registry credential when scanning images from malicious registries | See details. | 2024-05-20T20:36:53Z | Fix available |
| GHSA-v45m-hxqp-fwf5 | Packagist/verbb/formie | verbb/formie Server-Side Template Injection for variable-enabled settings | 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, ... | 2024-05-20T20:26:28Z | Fix available |
| GHSA-9wx4-h78v-vm56 | PyPI/requests | Requests `Session` object does not verify requests after making first request with verify=False | 0.0.1, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.10.6, ... | 2024-05-20T20:15:00Z | Fix available |
| GO-2024-2748 | Go/k8s.io/apimachinery, Go/k8s.io/kubernetes | Privilege Escalation in Kubernetes in k8s.io/apimachinery | See details. | 2024-05-20T19:46:32Z | Fix available |
| GO-2024-2632 | Go/github.com/lestrrat-go/jwx, Go/github.com/lestrrat-go/jwx/v2 | JWX vulnerable to a denial of service attack using compressed JWE message in github.com/lestrrat-go/jwx | See details. | 2024-05-20T19:46:23Z | Fix available |
| GO-2024-2574 | Go/github.com/gofiber/fiber/v2 | Insecure CORS Configuration allowing wildcard origin with credentials in github.com/gofiber/fiber/v2 | See details. | 2024-05-20T19:46:13Z | Fix available |
| GO-2024-2694 | Go/github.com/cosmos/ibc-go, Go/github.com/cosmos/ibc-go/v2, Go/github.com/cosmos/ibc-go/v3, Go/github.com/cosmos/ibc-go/v4, Go/github.com/cosmos/ibc-go/v5, Go/github.com/cosmos/ibc-go/v6, Go/github.com/cosmos/ibc-go/v7, Go/github.com/cosmos/ibc-go/v8 | Potential Reentrancy using Timeout Callbacks in ibc-hooks in github.com/cosmos/ibc-go | See details. | 2024-05-20T19:46:03Z | Fix available |
| GO-2024-2702 | Go/github.com/flipped-aurora/gin-vue-admin/server | Code injection vulnerability in github.com/flipped-aurora/gin-vue-admin/server | See details. | 2024-05-20T19:45:57Z | Fix available |
| GO-2024-2842 | Go/github.com/containers/image/v5 | Unexpected authenticated registry accesses in github.com/containers/image/v5 | See details. | 2024-05-20T19:45:51Z | Fix available |
| GHSA-f98p-2hc5-fm7v | Packagist/wwbn/avideo | AVideo cross-site scripting vulnerability in the view/about.php page | 10.4, 10.8, 11, 11.1, 11.1.1, 11.5, 11.6, ... | 2024-05-20T18:43:57Z | Fix available |
| GHSA-5f97-h2c2-826q | npm/@apidevtools/json-schema-ref-parser | json-schema-ref-parser Prototype Pollution issue | See details. | 2024-05-20T18:31:23Z | Fix available |
| GHSA-8vr4-h4rr-8ph6 | npm/@bit/loader | MiguelCastillo @bit/loader Prototype Pollution issue | See details. | 2024-05-20T18:31:23Z | No fix available |
| GHSA-g3q2-vcjq-rgrc | npm/@blackprint/engine | Blackprint @blackprint/engine Prototype Pollution issue | See details. | 2024-05-20T18:31:22Z | Fix available |