OSV - Open Source Vulnerabilities

BIT-sqlite-2025-70873

Bitnami/sqlite

See record for full details

yesterday

Fix available
Severity - 7.5 (High)

BIT-prometheus-2026-40179

Bitnami/prometheus

Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer

yesterday

Fix available
Severity - 5.3 (Medium)

BIT-pillow-2026-40192

Bitnami/pillow

Pillow is vulnerable to a FITS GZIP decompression bomb

yesterday

Fix available
Severity - 8.7 (High)

BIT-golang-2026-27144

Bitnami/golang

Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile

yesterday

Fix available
Severity - 7.1 (High)

BIT-golang-2026-27143

Bitnami/golang

Missing bound checks can lead to memory corruption in safe Go in cmd/compile

yesterday

Fix available
Severity - 9.8 (Critical)

BIT-grafana-2025-12141

Bitnami/grafana

Grafana Alerting Editors can edit destination of webhooks they did not create

yesterday

Fix available
Severity - 1.3 (Low)

BIT-airflow-2026-31987

Bitnami/airflow

Apache Airflow: JWT token appearing in logs

yesterday

Fix available
Severity - 7.5 (High)

BIT-airflow-2026-25219

Bitnami/airflow

Apache Airflow: Sensitive Azure Service Bus connection string (and possibly other providers) exposed to users with view access

yesterday

Fix available
Severity - 6.5 (Medium)

BIT-airflow-2025-54550

Bitnami/airflow

Apache Airflow: RCE by race condition in example_xcom dag

yesterday

Fix available
Severity - 8.1 (High)

BIT-composer-2026-40261

Bitnami/composer

Composer has Command Injection via Malicious Perforce Reference

yesterday

Fix available
Severity - 8.8 (High)

BIT-composer-2026-40176

Bitnami/composer

Composer is vulnerable to Command Injection via Malicious Perforce Repository

yesterday

Fix available
Severity - 7.8 (High)

BIT-gitlab-2026-5173

Bitnami/gitlab

Exposed Dangerous Method or Function in GitLab

3 days ago

Fix available
Severity - 8.5 (High)

BIT-gitlab-2026-1752

Bitnami/gitlab

Incorrect Authorization in GitLab

3 days ago

Fix available
Severity - 4.3 (Medium)

BIT-gitlab-2026-1092

Bitnami/gitlab

Improper Validation of Specified Quantity in Input in GitLab

3 days ago

Fix available
Severity - 7.5 (High)

BIT-python-min-2026-6100

Bitnami/python-min

Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

3 days ago

No fix available
Severity - 9.1 (Critical)

BIT-python-2026-6100

Bitnami/python

Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

3 days ago

No fix available
Severity - 9.1 (Critical)