OSV

CVE-2019-18422

Alpine:v3.10/xen
Alpine:v3.11/xen
Alpine:v3.12/xen
Alpine:v3.13/xen
Alpine:v3.14/xen
Alpine:v3.15/xen
Alpine:v3.16/xen
Alpine:v3.17/xen
Alpine:v3.8/xen
Alpine:v3.9/xen

4.0.1-r0
4.0.1-r1
4.0.1-r2
4.0.1-r3
4.1.0-r0
4.1.0-r1
4.1.0-r2
...

2023-02-04T02:20:57.904458Z

Fix available

CVE-2019-17349

Alpine:v3.10/xen
Alpine:v3.11/xen
Alpine:v3.12/xen
Alpine:v3.13/xen
Alpine:v3.14/xen
Alpine:v3.15/xen
Alpine:v3.16/xen
Alpine:v3.17/xen
Alpine:v3.9/xen

4.0.1-r0
4.0.1-r1
4.0.1-r2
4.0.1-r3
4.1.0-r0
4.1.0-r1
4.1.0-r2
...

2023-02-04T02:20:49.903895Z

Fix available

CVE-2021-3995

Alpine:v3.12/util-linux
Alpine:v3.13/util-linux
Alpine:v3.14/util-linux
Alpine:v3.15/util-linux
Alpine:v3.16/util-linux
Alpine:v3.17/util-linux

2.14.1-r0
2.14.1-r1
2.14.2-r0
2.16-r0
2.16-r1
2.16-r2
2.16.2-r0
...

2023-02-04T02:20:15.773504Z

Fix available

OSV-2022-37

OSS-Fuzz/tdengine

Heap-buffer-overflow in stringProcess

ver-2.5.0.0
ver-2.5.0.1
ver-2.6.0.0
ver-2.6.0.1
ver-2.6.0.3-kh
ver-2.6.0.4
ver-2.6.0.6
...

2023-02-04T01:09:45.225130Z

No fix available

GHSA-3gv2-29qc-v67m

Packagist/symfony/security-bundle
Packagist/symfony/security-bundle
Packagist/symfony/security-bundle
Packagist/symfony/security-bundle
Packagist/symfony/security-bundle
Packagist/symfony/symfony
Packagist/symfony/symfony
Packagist/symfony/symfony
Packagist/symfony/symfony
Packagist/symfony/symfony

Symfony vulnerable to Session Fixation of CSRF tokens

2.0.7
v2.0.10
v2.0.12
v2.0.13
v2.0.14
v2.0.15
v2.0.16
...

2023-02-04T00:50:54.238658Z

Fix available

GHSA-h7vf-5wrv-9fhv

Packagist/symfony/http-kernel
Packagist/symfony/http-kernel
Packagist/symfony/http-kernel
Packagist/symfony/http-kernel
Packagist/symfony/http-kernel
Packagist/symfony/symfony
Packagist/symfony/symfony
Packagist/symfony/symfony
Packagist/symfony/symfony
Packagist/symfony/symfony

Symfony storing cookie headers in HttpCache

2.0.4
2.0.5
2.0.6
2.0.7
v2.0.10
v2.0.12
v2.0.13
...

2023-02-04T00:50:54.047648Z

Fix available

GHSA-q5f8-fxrx-pw6f

Maven/org.jenkins-ci.main:jenkins-core

Jenkins subject to Cross-site Scripting

1.396
1.397
1.398
1.399
1.400
1.401
1.403
...

2023-02-04T00:45:18.316258Z

Fix available

GHSA-939x-6mwj-96r2

Maven/org.jenkins-ci.plugins:azure-ad

Insufficient Session Expiration in Jenkins Azure AD Plugin

0.1.1
0.1.1-1
0.2.0
0.3.0
0.3.1
0.3.2
0.3.3
...

2023-02-04T00:43:09.288953Z

No fix available

GHSA-7q8x-38mc-p84f

PyPI/mako

Mako contains Cross-site Scripting vulnerability

0.1.0
0.1.1
0.1.10
0.1.2
0.1.3
0.1.4
0.1.5
...

2023-02-04T00:39:45.411440Z

Fix available

GHSA-626q-v9j4-mcp4

PyPI/openzeppelin-cairo-contracts

OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature

0.2.0
0.2.1
0.3.0
0.3.1
0.3.2
0.4.0
0.4.0b0
...

2023-02-04T00:37:53.085779Z

Fix available

GHSA-q3c8-65q7-9v78

Packagist/automad/automad

Cross site scripting in automad/automad

1.0.0
1.0.0-beta1
1.0.0-beta2
1.0.0-beta3
1.0.0-beta4
1.0.0-beta5
1.0.1
...

2023-02-04T00:36:08.954263Z

Fix available

GHSA-33gv-rvgq-gpxp

NuGet/BTCPayServer.Client

HTML injections in BTCPayServer

1.0.4.2
1.0.4.3
1.0.4.4
1.0.4.5
1.0.4.6
1.0.4.7
1.0.4.8
...

2023-02-04T00:35:56.833580Z

Fix available

GHSA-2q75-f7cp-w86q

PyPI/plone
PyPI/plone

Plone contains Cross-site Request Forgery

3.2
3.2.1
3.2.2
3.2.3
3.2a1
3.2rc1
3.3
...

2023-02-04T00:30:52.572071Z

Fix available

GHSA-4q83-7cq4-p6wg

crates.io/tokio
crates.io/tokio
crates.io/tokio

`tokio::io::ReadHalf<T>::unsplit` is Unsound

See details.

2023-02-04T00:30:37Z

Fix available

GHSA-fqp6-fw9g-xpxp

Maven/org.jeecgframework.boot:jeecg-boot-base

Insecure Permissions issue in jeecg-boot

See details.

2023-02-04T00:30:27Z

No fix available

GHSA-rwhw-6c6r-2823

Maven/org.jeecgframework.boot:jeecg-boot-base

Insecure Permissions issue in jeecg-boot

See details.

2023-02-04T00:30:25Z

No fix available

Vulnerability Library