OSV - Open Source Vulnerabilities

BIT-apisix-2024-32638

Bitnami/apisix

See record for full details

See details.

2024-05-04T07:16:19.720Z

Fix available

BIT-activemq-2024-32114

Bitnami/activemq

See record for full details

See details.

2024-05-04T07:16:13.914Z

Fix available

MAL-2024-1323

Malicious code in @socialdeal/uikit-whitelabel (npm)

999.100.1

2024-05-04T05:00:41Z

No fix available

MAL-2024-1324

Malicious code in ing-feat-grants-management (npm)

999.100.1

2024-05-04T04:56:30Z

No fix available

OSV-2024-403

git.ghostscript.com/ghostpdl.git

UNKNOWN READ in mem_planar_put_image_slow

See details.

2024-05-04T00:02:34.636950Z

No fix available

DLA-3807-1

Debian:10/glibc

glibc - security update

2.28-10
2.28-10+deb10u1
2.28-10+deb10u2

2024-05-04T00:00:00Z

Fix available

MAL-2024-1322

Malicious code in lamia471 (npm)

1.0.0

2024-05-03T22:58:38Z

No fix available

GHSA-hfrv-h3q8-9jpr

npm/kurwov

kurwov vulnerable to Denial of Service due to improper data sanitization

See details.

2024-05-03T20:30:38Z

Fix available

GHSA-qq22-jj8x-4wwv

Go/github.com/pterodactyl/wings

Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull

See details.

2024-05-03T20:29:59Z

Fix available

GHSA-384w-wffr-x63q

Packagist/pterodactyl/panel

Pterodactyl panel's admin area vulnerable to Cross-site Scripting

v0.1.0-beta
v0.1.1-beta
v0.1.2-beta
v0.2.0-beta
v0.3.0-beta
v0.4.0-beta
v0.4.1-beta
...

2024-05-03T20:29:04Z

Fix available

GHSA-gqmf-jqgv-v8fw

Go/github.com/pterodactyl/wings

Pterodactyl Wings vulnerable to Arbitrary File Write/Read

See details.

2024-05-03T20:28:10Z

Fix available

GHSA-7pc3-pr3q-58vg

PyPI/sagemaker

sagemaker-python-sdk Command Injection vulnerability

1.0.0
1.0.1
1.0.2
1.1.0
1.1.1
1.1.2
1.1.3
...

2024-05-03T20:26:03Z

Fix available

GHSA-wjvx-jhpj-r54r

PyPI/sagemaker

sagemaker-python-sdk vulnerable to Deserialization of Untrusted Data

1.0.0
1.0.1
1.0.2
1.1.0
1.1.1
1.1.2
1.1.3
...

2024-05-03T20:25:33Z

Fix available

GHSA-c3hm-hxwf-g5c6

crates.io/vodozemac

vodozemac has degraded secret zeroization capabilities

See details.

2024-05-03T19:34:07Z

Fix available

GHSA-g7vv-2v7x-gj9p

PyPI/tqdm

tqdm CLI arguments injection attack

4.10.0
4.11.0
4.11.1
4.11.2
4.12.0
4.13.0
4.14.0
...

2024-05-03T19:33:28Z

Fix available

GHSA-4h8f-2wvx-gg5w

Maven/org.bouncycastle:bcprov-jdk18on
Maven/org.bouncycastle:bcprov-jdk15to18
Maven/org.bouncycastle:bcprov-jdk14
Maven/org.bouncycastle:bcprov-jdk13
Maven/org.bouncycastle:bcprov-jdk12

Bouncy Castle Java Cryptography API vulnerable to DNS poisoning

1.71
1.71.1
1.72
1.73
1.74
1.75
1.76
...

2024-05-03T18:30:37Z

Fix available

Vulnerability Library