Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-ghp8-52vx-77j4
  • PyPI/pgadmin4
pgAdmin failed to properly control the server code
  • 4.20
  • 4.22
  • 4.23
  • 4.24
  • 4.25
  • 4.26
  • 4.27
  • ...
2023-09-22T15:30:15Z Fix available
GHSA-hc5c-r8m5-2gfh
  • PyPI/plone-restapi
plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portrait
  • 8.0.0
  • 8.1.0
  • 8.10.0
  • 8.11.0
  • 8.12.0
  • 8.12.1
  • 8.13.0
  • ...
2023-09-21T17:16:44Z Fix available
GHSA-jj7c-jrv4-c65x
  • PyPI/plone-namedfile
plone.namedfile vulnerable to Stored Cross Site Scripting with SVG images
  • 1.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.0.4
  • 1.0.5
  • 1.0.6
  • ...
2023-09-21T17:14:58Z Fix available
GHSA-v8gr-m533-ghj9
  • PyPI/cryptography
Vulnerable OpenSSL included in cryptography wheels
  • 2.5
  • 2.6
  • 2.6.1
  • 2.7
  • 2.8
  • 2.9
  • 2.9.1
  • ...
2023-09-21T17:07:01Z Fix available
GHSA-h6rp-mprm-xgcq
  • PyPI/plone-rest
plone.rest vulnerable to Denial of Service when ++api++ is used many times
  • 2.0.0
  • 2.0.0a1
  • 2.0.0a2
  • 2.0.0a3
  • 2.0.0a4
  • 2.0.0a5
  • 2.0.0a6.dev0
  • ...
2023-09-21T17:06:37Z Fix available
GHSA-wm8q-9975-xh5v
  • PyPI/zope
Zope vulnerable to Stored Cross Site Scripting with SVG images
  • 4.0
  • 4.0b1
  • 4.0b10
  • 4.0b2
  • 4.0b3
  • 4.0b4
  • 4.0b5
  • ...
2023-09-21T17:04:09Z Fix available
GHSA-c647-pxm2-c52w
  • PyPI/vyper
Vyper vulnerable to memory corruption in certain builtins utilizing `msize`
  • 0.1.0b1
  • 0.1.0b10
  • 0.1.0b11
  • 0.1.0b12
  • 0.1.0b13
  • 0.1.0b14
  • 0.1.0b15
  • ...
2023-09-20T23:05:35Z No fix available
GHSA-pxg5-h34r-7q8p
  • PyPI/geonode
GeoNode vulnerable to SSRF Bypass to return internal host data
  • 3.2.0
  • 3.2.1
  • 3.2.2
  • 3.2.3
  • 3.2.3.post1
  • 3.2.4
  • 3.3.0
  • ...
2023-09-20T23:04:44Z Fix available
GHSA-pj98-2xf6-cff5
  • PyPI/reportlab
ReportLab vulnerable to remote code execution via paraparser
  • 2.0
  • 2.3
  • 2.4
  • 2.5
  • 2.6
  • 2.7
  • 3.0
  • ...
2023-09-20T15:30:51Z Fix available
PYSEC-2023-175
  • PyPI/imagecodecs
See record for full details
  • See details.
2023-09-20T05:46:53.608652Z Fix available
PYSEC-2023-174
  • PyPI/imagecodecs
See record for full details
  • 2018.10.10
  • 2018.10.18
  • 2018.10.22
  • 2018.10.28
  • 2018.10.30
  • 2018.11.8
  • 2018.12.1
  • ...
2023-09-20T05:31:28.958082Z Fix available
GHSA-3hg2-r75x-g69m
  • PyPI/vyper
Vyper has incorrect re-entrancy lock when key is empty string
  • 0.2.10
  • 0.2.11
  • 0.2.12
  • 0.2.13
  • 0.2.14
  • 0.2.15
  • 0.2.16
  • ...
2023-09-18T19:20:55Z Fix available
GHSA-v4q9-qgqf-7jwp
  • PyPI/gradio
Gradio arbitrary file upload vulnerability
  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.1.3
  • 0.1.4
  • 0.1.5
  • 0.1.6
  • ...
2023-09-16T00:30:30Z No fix available
PYSEC-2023-176
  • PyPI/geonode
See record for full details
  • 3.2.0
  • 3.2.1
  • 3.2.2
  • 3.2.3
  • 3.2.3.post1
  • 3.2.4
  • 3.3.0
  • ...
2023-09-15T21:15:00Z No fix available
PYSEC-2023-173
  • github.com/piccolo-orm/piccolo
  • PyPI/piccolo
See record for full details
  • 0.1.0
  • 0.1.1
  • 0.1.2
  • 0.10.0
  • 0.10.1
  • 0.10.2
  • 0.10.3
  • ...
2023-09-12T21:15:00Z Fix available
GHSA-mjqh-v5f2-g2mw
  • PyPI/apache-airflow
Apache Airflow information exposure vulnerability
  • 1.10.0
  • 1.10.1
  • 1.10.10
  • 1.10.10rc1
  • 1.10.10rc2
  • 1.10.10rc3
  • 1.10.10rc4
  • ...
2023-09-12T19:25:08Z Fix available