Vulnerability Database
Vulnerability Library
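| Ecosystem | Count |
|---|---|
| All ecosystems | 116793 |
| AlmaLinux | 2819 |
| Alpine | 3399 |
| Android | 890 |
| Bitnami | 3902 |
| CRAN | 10 |
| crates.io | 1352 |
| Debian | 9879 |
| GIT | 33039 |
| GitHub Actions | 16 |
| Go | 2172 |
| Hackage | 18 |
| Hex | 30 |
| Linux | 13573 |
| Maven | 4887 |
| npm | 14431 |
| NuGet | 582 |
| OSS-Fuzz | 3305 |
| Packagist | 3406 |
| Pub | 8 |
| PyPI | 11934 |
| Rocky Linux | 1192 |
| RubyGems | 789 |
| SwiftURL | 31 |
| Ubuntu | 5129 |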
| ID | Packages | Summary | Affected versions | Published | Fix |
|---|---|---|---|---|---|
| GHSA-w4h6-9wrp-v5jq | PyPI/frigate | Malicious Long Unicode filenames may cause a Multiple Application-level Denial of Service | 0.1.0, 0.2.0, 0.3.0, 0.4.0, 0.4.0a0, 0.4.0a0.post0.dev14, 0.5.0, ... | 2024-05-09T15:13:49Z | Fix available |
| GHSA-299q-3p96-5898 | PyPI/apache-superset | Apache Superset Incorrect Authorization vulnerability | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2024-05-07T15:30:36Z | Fix available |
| MAL-2024-1334 | | Malicious code in multiconnections (PyPI) | 2.34.23, 2.35.1, 2.35.4, 2.35.7, 2.35.5 | 2024-05-06T23:58:22Z | No fix available |
| GHSA-wvhx-q427-fgh3 | PyPI/html-sanitizer | Arbitrary HTML present after sanitization because of unicode normalization | 1.0.0, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.2.0, ... | 2024-05-06T14:33:32Z | Fix available |
| GHSA-2g68-c3qc-8985 | PyPI/werkzeug | Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain | 0.1, 0.10, 0.10.1, 0.10.2, 0.10.3, 0.10.4, 0.11, ... | 2024-05-06T14:21:27Z | Fix available |
| GHSA-h75v-3vvj-5mfj | PyPI/jinja2 | Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter | 2.0, 2.0rc1, 2.1, 2.1.1, 2.10, 2.10.1, 2.10.2, ... | 2024-05-06T14:20:59Z | Fix available |
| GHSA-83pv-qr33-2vcf | PyPI/litestar, PyPI/starlite | Litestar and Starlite vulnerable to Path Traversal | 2.8.0, 2.8.1, 2.8.2, 1.37.0, 1.38.0, 1.39.0, 1.40.0, ... | 2024-05-06T14:20:50Z | Fix available |
| GHSA-23qq-p4gq-gc2g | PyPI/wordops | WordOps has TOCTOU race condition | 3.10.0, 3.10.1, 3.10.2, 3.10.3, 3.11.0, 3.11.1, 3.11.2, ... | 2024-05-06T00:30:52Z | No fix available |
| GHSA-vjc4-3vgx-pq9h | PyPI/nebari | Nebari prints temporary Keycloak root password | 0.0.1, 2022.10.1, 2022.10.1rc1, 2022.10.1rc2, 2022.11.1, 2022.11.1rc1, 2022.11.1rc4, ... | 2024-05-06T00:30:52Z | No fix available |
| GHSA-34rf-p3r3-58x2 | PyPI/gradio | Gradio's Component Server does not properly consider `_is_server_fn` for functions | 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, ... | 2024-05-05T21:30:31Z | Fix available |
| MAL-2024-1333 | | Malicious code in threadxpools (PyPI) | 1.2, 1.0 | 2024-05-05T19:10:54Z | No fix available |
| GHSA-59p2-v62x-gxj8 | PyPI/ryu | Ryu Infinite Loop vulnerability | 0.2, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, ... | 2024-05-05T03:30:47Z | No fix available |
| GHSA-7hmm-wg23-2w7m | PyPI/ryu | Ryu Infinite Loop vulnerability | 0.2, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, ... | 2024-05-05T03:30:47Z | No fix available |
| GHSA-c7w6-33j3-j3mx | PyPI/ryu | Ryu Infinite Loop vulnerability | 0.2, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, ... | 2024-05-05T03:30:47Z | No fix available |
| GHSA-ffp9-pfq9-g2ww | PyPI/ryu | Ryu Infinite Loop vulnerability | 0.2, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, ... | 2024-05-05T03:30:47Z | No fix available |
| GHSA-fgpw-cx3v-wj95 | PyPI/ryu | Ryu Infinite Loop vulnerability | 0.2, 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, ... | 2024-05-05T03:30:47Z | No fix available |
PyPI - OSV