Vulnerability Library

ID | Packages | Summary | Affected versions | Last modified | Fix
GHSA-7q8x-38mc-p84f
  • PyPI/mako
Mako contains Cross-site Scripting vulnerability
  • 0.1.0
  • 0.1.1
  • 0.1.10
  • 0.1.2
  • 0.1.3
  • 0.1.4
  • 0.1.5
  • ...
2023-02-04T00:39:45.411440Z Fix available
GHSA-626q-v9j4-mcp4
  • PyPI/openzeppelin-cairo-contracts
OpenZeppelin Contracts contains Improper Verification of Cryptographic Signature
  • 0.2.0
  • 0.2.1
  • 0.3.0
  • 0.3.1
  • 0.3.2
  • 0.4.0
  • 0.4.0b0
  • ...
2023-02-04T00:37:53.085779Z Fix available
GHSA-2q75-f7cp-w86q
  • PyPI/plone
  • PyPI/plone
Plone contains Cross-site Request Forgery
  • 3.2
  • 3.2.1
  • 3.2.2
  • 3.2.3
  • 3.2a1
  • 3.2rc1
  • 3.3
  • ...
2023-02-04T00:30:52.572071Z Fix available
GHSA-3cm8-v4mc-gppg
  • PyPI/binwalk
Path traversal in binwalk
  • See details.
2023-02-04T00:14:45Z No fix available
GHSA-g2j5-7vgx-6xrx
  • PyPI/cinder
  • PyPI/cinder
  • PyPI/glance
  • PyPI/nova
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
  • See details.
2023-02-03T23:20:49Z Fix available
GHSA-q2jf-h9jm-m7p4
  • PyPI/django
  • PyPI/django
  • PyPI/django
Django contains Uncontrolled Resource Consumption via cached header
  • 3.2
  • 3.2.1
  • 3.2.10
  • 3.2.11
  • 3.2.12
  • 3.2.13
  • 3.2.14
  • ...
2023-02-03T21:26:23.977579Z Fix available
GHSA-xrx6-fmxq-rjj2
  • PyPI/rsa
Timing attacks in python-rsa
  • 1.1
  • 1.2
  • 1.3
  • 1.3.1
  • 1.3.2
  • 1.3.3
  • 2.0
  • ...
2023-02-03T21:01:10.408438Z Fix available
GHSA-p2jg-q8hw-p7gc
  • PyPI/barbican
Barbican authorization flaw before v14.0.0
  • 0
  • 10.0.0
  • 10.0.0.0rc1
  • 10.1.0
  • 11.0.0
  • 11.0.0.0rc1
  • 12.0.0
  • ...
2023-02-03T20:51:25.950871Z Fix available
GHSA-wmqq-r32m-87c5
  • PyPI/oslo-utils
python-oslo-utils has improper password parsing
  • 0.1.0
  • 0.1.1
  • 0.2.0
  • 0.3.0
  • 1.0.0
  • 1.1.0
  • 1.1.1
  • ...
2023-02-03T20:51:04.295471Z Fix available
GHSA-h39q-95q5-9jfp
  • PyPI/ansible
OS Command Injection in ansible
  • 1.0
  • 1.1
  • 1.2
  • 1.2.1
  • 1.2.2
  • 1.2.3
  • 1.3.0
  • ...
2023-02-03T20:51:02.213160Z No fix available
GHSA-ffxj-547x-5j7c
  • PyPI/onnx
Directory Traversal in onnx
  • 0.1
  • 0.2
  • 0.2.1
  • 1.0.0
  • 1.0.1
  • 1.1.0
  • 1.1.1
  • ...
2023-02-03T20:43:17.705567Z Fix available
GHSA-x4cm-m36h-c6qj
  • PyPI/ansible
Improper Input Validation in ansible
  • 1.0
  • 1.1
  • 1.2
  • 1.2.1
  • 1.2.2
  • 1.2.3
  • 1.3.0
  • ...
2023-02-03T20:42:33.639092Z Fix available
GHSA-77hv-8796-8ccp
  • PyPI/zope2
  • PyPI/plone
  • PyPI/plone
HTTP header injection in Plone and Zope2
  • 2.12.0
  • 2.12.0.a1
  • 2.12.0a2
  • 2.12.0a3
  • 2.12.0a4
  • 2.12.0b1
  • 2.12.0b2
  • ...
2023-02-03T20:40:48.022929Z Fix available
GHSA-h7wm-ph43-c39p
  • PyPI/scrapy
Scrapy denial of service vulnerability
  • 0.10.4.2364
  • 0.12.0.2550
  • 0.14.1
  • 0.14.2
  • 0.14.3
  • 0.14.4
  • 0.16.0
  • ...
2023-02-03T18:44:59.302378Z No fix available
GHSA-77rm-9x9h-xj3g
  • NuGet/Google.Protobuf
  • Packagist/google/protobuf
  • Maven/com.google.protobuf:protobuf-parent
  • Go/github.com/protocolbuffers/protobuf
  • PyPI/protobuf
NULL Pointer Dereference in Protocol Buffers
  • 0.0.1-test1
  • 3.0.0
  • 3.0.0-alpha4
  • 3.0.0-beta2
  • 3.0.0-beta3
  • 3.0.0-beta4
  • 3.1.0
  • ...
2023-02-03T06:03:30.309657Z Fix available
GHSA-7r87-cj48-wj45
  • PyPI/flask-session-captcha
Potential Captcha Validate Bypass in flask-session-captcha
  • 1.0.0
  • 1.0.1
  • 1.0.2
  • 1.0.3
  • 1.1.0
  • 1.2.0
2023-02-03T06:03:12.148947Z Fix available