Vulnerability Library

| ID | Packages | Summary | Affected versions | Published | Fix |
|---|---|---|---|---|---|
| GHSA-3fmq-x9q6-wm39 | Packagist/paragonie/random_compat | random_compat Uses insecure CSPRNG | 0.9.0, 0.9.1, 0.9.2, 0.9.3, 0.9.4, 0.9.5, 1.0.10, ... | 2024-05-17T23:27:19Z | Fix available |
| GHSA-g48f-pgwh-wwxx | Packagist/onelogin/php-saml | onelogin/php-saml signature wrapping attacks | 2.0.0, 2.1.0, 2.3.0, 2.4.0, 2.5.0, 2.6.0, 2.6.1, ... | 2024-05-17T23:06:55Z | Fix available |
| GHSA-9wrw-p9rm-r782 | Packagist/onelogin/php-saml | onelogin/php-saml Improper signature validation on LogoutRequest/LogoutResponse. | 2.0.0, 2.1.0, 2.10.0, 2.10.1, 2.10.2, 2.10.3, 2.3.0, ... | 2024-05-17T23:06:54Z | Fix available |
| GHSA-r2r8-36pq-27cm | Packagist/nzo/url-encryptor-bundle | nzo/url-encryptor-bundle Insecure default secret key and IV allowing anyone to decrypt values | v5.0.0, 4.1.0, 4.2.0, 4.2.1, v4.2.2, v4.2.3, v4.3.0, ... | 2024-05-17T23:06:52Z | Fix available |
| GHSA-rq6q-hjvh-5mwh | Packagist/neos/swiftmailer | Flow Swift Mailer package Remote code execution | 4.1.5, 5.0.3, 5.2.2, 5.3.1, 5.4.1, 5.4.2 | 2024-05-17T23:06:50Z | Fix available |
| GHSA-6cj3-rc4p-f38f | Packagist/neos/neos | Cross-site Scripting vulnerabilities in Neos | See details. | 2024-05-17T23:04:02Z | Fix available |
| GHSA-43cf-7f3h-38rg | Packagist/neos/neos | Privilege Escalation in TYPO3 Neos | See details. | 2024-05-17T23:03:46Z | Fix available |
| GHSA-6pq8-67pw-j6hw | Packagist/neos/flow | Time-Based Information Disclosure Vulnerability in Flow | 2.3.0, 2.3.1, 2.3.10, 2.3.11, 2.3.12, 2.3.13, 2.3.14, ... | 2024-05-17T23:03:25Z | Fix available |
| GHSA-3c5g-73f7-grvm | Packagist/neos/neos | Neos Information Disclosure Security Note | 3.0.0, 3.0.1, 3.0.10, 3.0.11, 3.0.12, 3.0.13, 3.0.14, ... | 2024-05-17T22:54:47Z | Fix available |
| GHSA-9cw3-j7wg-jwj8 | Packagist/neos/flow | Neos Flow Information disclosure in entity security | 3.0.0, 3.0.1, 3.0.10, 3.0.11, 3.0.2, 3.0.3, 3.0.4, ... | 2024-05-17T22:54:45Z | Fix available |
| GHSA-5vv7-j593-mgjc | Packagist/neos/flow | Neos Flow Arbitrary file upload and XML External Entity processing | 2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.3.4, 2.3.5, 2.3.6, ... | 2024-05-17T22:54:42Z | Fix available |
| GHSA-7h74-7vcw-4mwp | Packagist/neos/flow | Insecure deserialize Vulnerability in FLOW3 | See details. | 2024-05-17T22:32:12Z | Fix available |
| GHSA-4rr6-gf59-ggw5 | Packagist/namshi/jose | namshi/jose - Verification bypass | 1.0.0, 1.0.0-beta1, 1.0.0-rc1, 1.0.1, 1.0.2, 1.1.0, 1.1.1, ... | 2024-05-17T22:31:44Z | Fix available |
| GHSA-hxhc-wmg8-xrqf | Packagist/namshi/jose | namshi/jose insecure JSON Web Signatures (JWS) | 1.0.0, 1.0.0-beta1, 1.0.0-rc1, 1.0.1, 1.0.2, 1.1.0, 1.1.1, ... | 2024-05-17T22:31:42Z | Fix available |
| GHSA-f57v-q966-7fh6 | Packagist/monolog/monolog | Monolog Header injection in NativeMailerHandler | 1.10.0, 1.11.0, 1.8.0, 1.9.0, 1.9.1 | 2024-05-15T23:08:13Z | Fix available |
| GHSA-8j7c-682x-r9f2 | Packagist/magento/community-edition | Magento RCE, XSS and other vulnerabilities | 2.1.0, 2.1.0-rc1, 2.1.0-rc2, 2.1.0-rc3, 2.1.1, 2.1.10, 2.1.11, ... | 2024-05-15T22:34:11Z | Fix available |