Vulnerability Library

ID | Packages | Summary | Affected versions | Last modified | Fix
GHSA-pjpj-f6r8-56rm
  • NuGet/Microsoft.ChakraCore
High severity vulnerability that affects Microsoft.ChakraCore
  • 1.10.0
  • 1.10.1
  • 1.10.2
  • 1.11.0
  • 1.11.1
  • 1.11.2
  • 1.11.3
  • ...
2022-08-15T09:15:32.225787Z Fix available
GHSA-92v7-pq4h-58j5
  • RubyGems/facter
  • RubyGems/facter
  • RubyGems/hiera
  • RubyGems/puppet
  • RubyGems/puppet
  • RubyGems/mcollective-client
Moderate severity vulnerability that affects facter, hiera, mcollective-client, and puppet
  • 1.0.1
  • 1.1.1
  • 1.3.3
  • 1.3.7
  • 1.3.8
  • 1.5
  • 1.5.2
  • ...
2022-08-15T09:12:56.928810Z Fix available
GHSA-5h9j-q6j2-253f
  • Maven/org.eclipse.jetty:jetty-server
  • Maven/org.eclipse.jetty:jetty-server
  • Maven/org.eclipse.jetty:jetty-server
Unescaped exception messages in error responses in Jetty
  • 9.4.21.v20190926
  • 9.4.22.v20191022
  • 9.4.23.v20191118
  • 9.4.22.v20191022
  • 9.4.23.v20191118
  • 9.4.23.v20191118
2022-08-15T09:12:52.664188Z Fix available
GHSA-wcp5-m52f-mhh5
  • Maven/net.sf.mpxj:mpxj
Improper Restriction of XML External Entity Reference in MPXJ
  • 4.7.1
  • 4.7.2
  • 4.7.3
  • 4.7.4
  • 4.7.5
  • 4.7.6
  • 5.0.0
  • ...
2022-08-15T09:12:51.731638Z Fix available
GHSA-wp2f-hrg2-3r5m
  • Maven/org.apache.uima:uimafit-core
  • Maven/org.apache.uima:uimaj-core
  • Maven/org.apache.uima:uimaj-core
  • Maven/org.apache.uima:uimaj-as-core
Improper Restriction of XML External Entity Reference in Apache uimaj
  • 2.0.0
  • 2.1.0
  • 2.2.0
  • 2.3.0
  • 2.10.0
  • 2.10.1
  • 2.3.1
  • ...
2022-08-15T09:12:51.611460Z Fix available
GHSA-h4x4-5qp2-wp46
  • Maven/com.fasterxml.jackson.datatype:jackson-datatype-jsr310
Moderate severity vulnerability that affects com.fasterxml.jackson.datatype:jackson-datatype-jsr353
  • 2.2.0-beta1
  • 2.2.1-beta2
  • 2.2.2-beta3
  • 2.2.2-beta4
  • 2.2.3-beta5
  • 2.3.0-beta6
  • 2.3.0-beta7
  • ...
2022-08-15T09:12:51.452737Z Fix available
GHSA-87cj-px37-rc3x
  • PyPI/bikeshed
OS Command Injection in bikeshed
  • 1.0.0
  • 1.0.1
  • 1.0.10
  • 1.0.2
  • 1.0.3
  • 1.0.4
  • 1.0.5
  • ...
2022-08-15T09:12:51.126971Z Fix available
GHSA-54fx-gm74-q676
  • Maven/io.smallrye.config:smallrye-config
Permissions bypass in SmallRye
  • 1.5.0
  • 1.5.1
  • 1.6.0
  • 1.6.1
2022-08-15T09:12:50.490946Z Fix available
GHSA-6g3c-2mh5-7q6x
  • Maven/com.manydesigns:portofino
Missing validation of JWT signature in `ManyDesigns/Portofino`
  • 5.0.0
  • 5.0.1
  • 5.0.2
  • 5.0.3
  • 5.1.0
  • 5.1.1
  • 5.1.2
  • ...
2022-08-15T09:12:48.741134Z Fix available
GHSA-7q25-qrjw-6fg2
  • PyPI/safety
Malicious package may avoid detection in python auditing
  • 0.1.0
  • 0.2.0
  • 0.2.1
  • 0.2.2
  • 0.3.0
  • 0.4.0
  • 0.5.0
  • ...
2022-08-15T09:12:46.850721Z Fix available
GHSA-9q69-g5gc-9fgf
  • Maven/io.vertx:vertx-web
  • Maven/io.vertx:vertx-web
  • Maven/io.vertx:vertx-web
  • Maven/io.vertx:vertx-web
Cross-Site Request Forgery in Vert.x-Web framework
  • 4.0.0-milestone1
  • 4.0.0-milestone2
  • 4.0.0-milestone3
  • 4.0.0-milestone4
  • 4.0.0-milestone2
  • 4.0.0-milestone3
  • 4.0.0-milestone4
  • ...
2022-08-15T09:12:46.824799Z Fix available
GHSA-rmrm-75hp-phr2
  • Maven/org.hibernate.validator:hibernate-validator
  • Maven/org.hibernate.validator:hibernate-validator
Improper Input Validation in Hibernate Validator
  • 6.1.0.Final
  • 6.1.1.Final
  • 6.1.2.Final
  • 6.1.3.Final
  • 6.1.4.Final
  • 6.0.0.Alpha1
  • 6.0.0.Alpha2
  • ...
2022-08-15T09:12:45.222496Z Fix available
GHSA-hhm3-48h2-597v
  • PyPI/apache-superset
Insufficiently Protected Credentials in Apache Superset
  • 0.34.0
  • 0.34.1
  • 0.35.1
  • 0.35.2
  • 0.36.0
  • 0.37.0
  • 0.37.1
  • ...
2022-08-15T09:12:43.067818Z Fix available
GHSA-4ph4-q9r5-6wm6
  • Maven/org.springframework.batch:spring-batch-core
Deserialization of Untrusted Data in Spring Batch
  • 4.0.0.RELEASE
  • 4.0.1.RELEASE
  • 4.0.2.RELEASE
  • 4.0.3.RELEASE
  • 4.0.4.RELEASE
  • 4.1.0.RELEASE
  • 4.1.1.RELEASE
  • ...
2022-08-15T09:12:41.389019Z Fix available
GHSA-2p5p-m353-833w
  • RubyGems/administrate
Sort order SQL injection in Administrate
  • 0.0.10
  • 0.0.11
  • 0.0.12
  • 0.0.2
  • 0.0.3
  • 0.0.4
  • 0.0.6
  • ...
2022-08-15T09:12:39.381201Z Fix available
GHSA-8h2j-cgx8-6xv7
  • PyPI/fastapi
Cross-Site Request Forgery (CSRF) in FastAPI
  • 0.1.0
  • 0.1.10
  • 0.1.11
  • 0.1.12
  • 0.1.13
  • 0.1.14
  • 0.1.15
  • ...
2022-08-15T09:12:39.345235Z Fix available