Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-w4h6-9wrp-v5jq
  • PyPI/frigate
Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service
  • 0.1.0
  • 0.2.0
  • 0.3.0
  • 0.4.0
  • 0.4.0a0
  • 0.4.0a0.post0.dev14
  • 0.5.0
  • ...
2024-05-09T15:13:49Z Fix available
GHSA-299q-3p96-5898
  • PyPI/apache-superset
Apache Superset Incorrect Authorization vulnerability
  • 0.34.0
  • 0.34.1
  • 0.35.1
  • 0.35.2
  • 0.36.0
  • 0.37.0
  • 0.37.1
  • ...
2024-05-07T15:30:36Z Fix available
MAL-2024-1334
Malicious code in multiconnections (PyPI)
  • 2.34.23
  • 2.35.1
  • 2.35.4
  • 2.35.7
  • 2.35.5
2024-05-06T23:58:22Z No fix available
GHSA-wvhx-q427-fgh3
  • PyPI/html-sanitizer
Arbitrary HTML present after sanitization because of unicode normalization
  • 1.0.0
  • 1.1.0
  • 1.1.1
  • 1.1.2
  • 1.1.3
  • 1.1.4
  • 1.2.0
  • ...
2024-05-06T14:33:32Z Fix available
GHSA-2g68-c3qc-8985
  • PyPI/werkzeug
Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain
  • 0.1
  • 0.10
  • 0.10.1
  • 0.10.2
  • 0.10.3
  • 0.10.4
  • 0.11
  • ...
2024-05-06T14:21:27Z Fix available
GHSA-h75v-3vvj-5mfj
  • PyPI/jinja2
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
  • 2.0
  • 2.0rc1
  • 2.1
  • 2.1.1
  • 2.10
  • 2.10.1
  • 2.10.2
  • ...
2024-05-06T14:20:59Z Fix available
GHSA-83pv-qr33-2vcf
  • PyPI/litestar
  • PyPI/starlite
Litestar and Starlite vulnerable to Path Traversal
  • 2.8.0
  • 2.8.1
  • 2.8.2
  • 1.37.0
  • 1.38.0
  • 1.39.0
  • 1.40.0
  • ...
2024-05-06T14:20:50Z Fix available
GHSA-23qq-p4gq-gc2g
  • PyPI/wordops
WordOps has TOCTOU race condition
  • 3.10.0
  • 3.10.1
  • 3.10.2
  • 3.10.3
  • 3.11.0
  • 3.11.1
  • 3.11.2
  • ...
2024-05-06T00:30:52Z No fix available
GHSA-vjc4-3vgx-pq9h
  • PyPI/nebari
Nebari prints temporary Keycloak root password
  • 0.0.1
  • 2022.10.1
  • 2022.10.1rc1
  • 2022.10.1rc2
  • 2022.11.1
  • 2022.11.1rc1
  • 2022.11.1rc4
  • ...
2024-05-06T00:30:52Z No fix available
GHSA-34rf-p3r3-58x2
  • PyPI/gradio
Gradio's Component Server does not properly consider `_is_server_fn` for functions
  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.1.3
  • 0.1.4
  • 0.1.5
  • 0.1.6
  • ...
2024-05-05T21:30:31Z Fix available
MAL-2024-1333
Malicious code in threadxpools (PyPI)
  • 1.2
  • 1.0
2024-05-05T19:10:54Z No fix available
GHSA-59p2-v62x-gxj8
  • PyPI/ryu
Ryu Infinite Loop vulnerability
  • 0.2
  • 1.0
  • 1.1
  • 1.2
  • 1.3
  • 1.4
  • 1.5
  • ...
2024-05-05T03:30:47Z No fix available
GHSA-7hmm-wg23-2w7m
  • PyPI/ryu
Ryu Infinite Loop vulnerability
  • 0.2
  • 1.0
  • 1.1
  • 1.2
  • 1.3
  • 1.4
  • 1.5
  • ...
2024-05-05T03:30:47Z No fix available
GHSA-c7w6-33j3-j3mx
  • PyPI/ryu
Ryu Infinite Loop vulnerability
  • 0.2
  • 1.0
  • 1.1
  • 1.2
  • 1.3
  • 1.4
  • 1.5
  • ...
2024-05-05T03:30:47Z No fix available
GHSA-ffp9-pfq9-g2ww
  • PyPI/ryu
Ryu Infinite Loop vulnerability
  • 0.2
  • 1.0
  • 1.1
  • 1.2
  • 1.3
  • 1.4
  • 1.5
  • ...
2024-05-05T03:30:47Z No fix available
GHSA-fgpw-cx3v-wj95
  • PyPI/ryu
Ryu Infinite Loop vulnerability
  • 0.2
  • 1.0
  • 1.1
  • 1.2
  • 1.3
  • 1.4
  • 1.5
  • ...
2024-05-05T03:30:47Z No fix available