Vulnerability Database
Vulnerability Library
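| Ecosystem | Entries |
| --- | --- |
| All ecosystems | 47257 |
| AlmaLinux | 1436 |
| Alpine | 3151 |
| Android | 674 |
| crates.io | 1120 |
| Debian | 9217 |
| GitHub Actions | 10 |
| Go | 1394 |
| Hex | 21 |
| Linux | 13573 |
| Maven | 3527 |
| npm | 2930 |
| NuGet | 272 |
| OSS-Fuzz | 2826 |
| Packagist | 1563 |
| Pub | 4 |
| PyPI | 3988 |
| Rocky Linux | 907 |
| RubyGems | 644 |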
| ID | Packages | Summary | Affected versions | Last modified | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-j8r2-6x86-q33q | PyPI/requests | Unintended leak of Proxy-Authorization header in requests | 2.10.0, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.12.2, 2.12.3, ... | 2023-05-30T07:19:05.651846Z | Fix available |
| GHSA-x7c2-7wvg-jpx7 | PyPI/kiwitcms | kiwitcms vulnerable to stored XSS via unrestricted files upload | 10.0, 10.1, 10.2, 10.3, 10.3.999, 10.4, 10.5, ... | 2023-05-30T07:13:17.975880Z | Fix available |
| GHSA-hh7j-pg39-q563 | PyPI/toui | toui allows user-specific variables to be shared between users | 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.3.0, 2.4.0 | 2023-05-30T06:50:27.694308Z | Fix available |
| GHSA-446m-hmmm-hm8m | PyPI/ckan | Ckan remote code execution and private information access via crafted resource ids | 0.11, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, ... | 2023-05-29T16:28:01.706615Z | Fix available |
| GHSA-4xqq-73wg-5mjp | PyPI/git-url-parse | git-url-parse Regular Expression Denial of Service | 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.2.0, 1.2.1, 1.2.2 | 2023-05-26T22:05:29.353885Z | No fix available |
| GHSA-qg36-9jxh-fj25 | PyPI/django-ses | Incorrect signature verification in django-ses | 0.1, 0.2, 0.3.0, 0.4.0, 0.4.1, 0.6.0, 0.7.0, ... | 2023-05-26T22:04:09.934499Z | Fix available |
| GHSA-hj3f-6gcp-jg8j | PyPI/tornado | Open redirect in Tornado | 0.2, 1.0, 1.1, 1.1.1, 1.2, 1.2.1, 2.0, ... | 2023-05-26T21:34:14.886146Z | Fix available |
| GHSA-282v-666c-3fvg | PyPI/transformers | transformers has Insecure Temporary File | 0.1, 2.0.0, 2.1.0, 2.1.1, 2.10.0, 2.11.0, 2.2.0, ... | 2023-05-26T19:49:10.416943Z | No fix available |
| GHSA-j5fj-rfh6-qj85 | PyPI/planet | Planet's secret file is created with excessive permissions | 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.0.5, 0.0.6, 1.0.0, ... | 2023-05-26T19:18:23.683915Z | Fix available |
| GHSA-f3wc-3vxv-xmvr | PyPI/matrix-synapse | Synapse Outgoing federation to specific hosts can be disabled by sending malicious invites | 0.33.5, 0.33.5.1, 0.33.6, 0.33.6rc1, 0.33.7, 0.33.7rc1, 0.33.7rc2, ... | 2023-05-26T18:20:28.669509Z | Fix available |
| GHSA-p9qp-c452-f9r7 | PyPI/matrix-synapse | Synapse Denial of service due to incorrect application of event authorization rules during state resolution | 1.62.0, 1.63.0, 1.63.0rc1, 1.63.1, 1.64.0, 1.64.0rc1, 1.64.0rc2, ... | 2023-05-26T18:05:37.242599Z | Fix available |
| GHSA-45cj-f97f-ggwv | PyPI/matrix-synapse | Synapse does not apply enough checks to servers requesting auth events of events in a room | 0.33.5, 0.33.5.1, 0.33.6, 0.33.6rc1, 0.33.7, 0.33.7rc1, 0.33.7rc2, ... | 2023-05-26T18:04:07.819100Z | Fix available |
| PYSEC-2022-231 | PyPI/nvflare | | 0.1.3, 0.9.0, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, ... | 2023-05-26T05:35:30.086780Z | Fix available |
| PYSEC-2022-232 | PyPI/nvflare | | 0.1.3, 0.9.0, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, ... | 2023-05-26T05:35:24.410561Z | Fix available |
| PYSEC-2021-872 | PyPI/distributed | | 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.10.0, 1.10.1, 1.10.2, ... | 2023-05-25T05:07:00Z | Fix available |
| PYSEC-2021-873 | PyPI/gradio | | 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, ... | 2023-05-25T05:07:00Z | Fix available |
PyPI - OSV