Vulnerabilities

ID
Packages
Summary
Published
Attributes
HSEC-2025-0006
  • Hackage/x509-store
  • Hackage/crypton-x509-store
Private key leak via inherited file descriptor 17 Nov
  • Fix available
HSEC-2023-0001
  • Hackage/aeson
Hash flooding vulnerability in aeson 14 Nov
  • Fix available
HSEC-2023-0002
  • Hackage/biscuit-haskell
Improper Verification of Cryptographic Signature 14 Nov
  • Fix available
HSEC-2023-0003
  • Hackage/xmonad-contrib
code injection in xmonad-contrib 14 Nov
  • Fix available
HSEC-2023-0004
  • Hackage/xml-conduit
xml-conduit unbounded entity expansion 14 Nov
  • Fix available
HSEC-2023-0005
  • Hackage/tls-extra
tls-extra: certificate validation does not check Basic Constraints 14 Nov
  • Fix available
HSEC-2023-0006
  • Hackage/x509-validation
x509-validation does not enforce pathLenConstraint 14 Nov
  • Fix available
HSEC-2023-0007
  • Hackage/base
  • Hackage/toml-reader
readFloat: memory exhaustion with large exponent 14 Nov
  • Fix available
HSEC-2023-0008
  • Hackage/hledger-web
Stored XSS in hledger-web 14 Nov
  • Fix available
HSEC-2023-0009
  • Hackage/git-annex
git-annex command injection via malicious SSH hostname 14 Nov
  • Fix available
HSEC-2023-0010
  • Hackage/git-annex
git-annex private data exfiltration to compromised remote 14 Nov
  • Fix available
HSEC-2023-0011
  • Hackage/git-annex
git-annex GPG decryption attack via compromised remote 14 Nov
  • Fix available
HSEC-2023-0012
  • Hackage/git-annex
git-annex checksum exposure to encrypted special remotes 14 Nov
  • Fix available
HSEC-2023-0013
  • Hackage/git-annex
git-annex plaintext storage of embedded credentials on encrypted remotes 14 Nov
  • Fix available
HSEC-2023-0014
  • Hackage/pandoc
Arbitrary file write is possible when using PDF output or --extract-media with untrusted input 14 Nov
  • Fix available
HSEC-2023-0015
  • Hackage/cabal-install
cabal-install uses expired key policies 14 Nov
  • Fix available