Vulnerability Library

ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-87cj-px37-rc3x
  • PyPI/bikeshed
OS Command Injection in bikeshed
  • 1.0.0
  • 1.0.1
  • 1.0.10
  • 1.0.2
  • 1.0.3
  • 1.0.4
  • 1.0.5
  • ...
2022-08-15T09:12:51.126971Z Fix available
GHSA-7q25-qrjw-6fg2
  • PyPI/safety
Malicious package may avoid detection in python auditing
  • 0.1.0
  • 0.2.0
  • 0.2.1
  • 0.2.2
  • 0.3.0
  • 0.4.0
  • 0.5.0
  • ...
2022-08-15T09:12:46.850721Z Fix available
GHSA-hhm3-48h2-597v
  • PyPI/apache-superset
Insufficiently Protected Credentials in Apache Superset
  • 0.34.0
  • 0.34.1
  • 0.35.1
  • 0.35.2
  • 0.36.0
  • 0.37.0
  • 0.37.1
  • ...
2022-08-15T09:12:43.067818Z Fix available
GHSA-8h2j-cgx8-6xv7
  • PyPI/fastapi
Cross-Site Request Forgery (CSRF) in FastAPI
  • 0.1.0
  • 0.1.10
  • 0.1.11
  • 0.1.12
  • 0.1.13
  • 0.1.14
  • 0.1.15
  • ...
2022-08-15T09:12:39.345235Z Fix available
GHSA-62xg-239j-vxg7
  • PyPI/pyftpdlib
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in pyftpdlib
  • 0.2.0
  • 0.3.0
  • 0.4.0
  • 0.5.0
  • 0.5.1
2022-08-15T09:12:38.285031Z Fix available
GHSA-rqxg-xvcq-3v2f
  • PyPI/opencv-python
  • PyPI/opencv-contrib-python
Out-of-bounds Write in OpenCV
  • 3.1.0
  • 3.1.0.0
  • 3.1.0.1
  • 3.1.0.2
  • 3.1.0.3
  • 3.1.0.4
  • 3.1.0.5
  • ...
2022-08-15T09:12:36.738033Z Fix available
GHSA-j8c8-67vp-6mx7
  • PyPI/tensorflow
  • PyPI/tensorflow
  • PyPI/tensorflow
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-gpu
  • PyPI/tensorflow-gpu
  • PyPI/tensorflow-gpu
Arbitrary memory read in `ImmutableConst`
  • 2.6.0
  • 2.5.0
  • 2.5.1
  • 0.12.0
  • 0.12.1
  • 1.0.0
  • 1.0.1
  • ...
2022-08-15T09:12:35.298568Z Fix available
GHSA-wrp6-9w7f-3wxg
  • PyPI/calibreweb
calibre-web is vulnerable to Cross-site Scripting
  • 0.6.12
  • 0.6.13
  • 0.6.14
2022-08-15T09:12:28.939421Z Fix available
GHSA-vv2x-vrpj-qqpq
  • PyPI/bleach
Cross-site scripting in Bleach
  • 0.1
  • 0.1.1
  • 0.1.2
  • 0.2
  • 0.2.1
  • 0.2.2
  • 0.3
  • ...
2022-08-15T09:12:27.263468Z Fix available
GHSA-95q3-8gr9-gm8w
  • PyPI/pillow
Denial of Service by Uncontrolled Resource Consumption
  • 1.0
  • 1.1
  • 1.2
  • 1.3
  • 1.4
  • 1.5
  • 1.6
  • ...
2022-08-15T09:12:20.204111Z Fix available
GHSA-cmgw-8vpc-rc59
  • PyPI/tensorflow
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-gpu
Segfault on strings tensors with mistmatched dimensions, due to Go code
  • 0.12.0
  • 0.12.1
  • 1.0.0
  • 1.0.1
  • 1.1.0
  • 1.10.0
  • 1.10.1
  • ...
2022-08-15T09:12:18.157341Z Fix available
GHSA-vqhp-cxgc-6wmm
  • PyPI/bleach
regular expression denial-of-service (ReDoS) in Bleach
  • 0.1
  • 0.1.1
  • 0.1.2
  • 0.2
  • 0.2.1
  • 0.2.2
  • 0.3
  • ...
2022-08-15T09:12:18.037958Z Fix available
GHSA-p86x-652p-6385
  • PyPI/keyring
Incorrect Default Permissions in keyring
  • 0.1
  • 0.2
  • 0.3
  • 0.4
  • 0.5
  • 0.5.1
  • 0.6.2
  • ...
2022-08-15T09:12:15.694569Z Fix available
GHSA-rrx2-r989-2c43
  • PyPI/tensorflow
  • PyPI/tensorflow
  • PyPI/tensorflow
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-cpu
  • PyPI/tensorflow-gpu
  • PyPI/tensorflow-gpu
  • PyPI/tensorflow-gpu
Integer overflows in Tensorflow
  • 0.12.0
  • 0.12.1
  • 1.0.0
  • 1.0.1
  • 1.1.0
  • 1.10.0
  • 1.10.1
  • ...
2022-08-15T09:12:09.295431Z Fix available
GHSA-99cv-8cvv-666c
  • PyPI/apache-airflow
High severity vulnerability that affects apache-airflow
  • 1.10.0
  • 1.10.1
  • 1.10.1b1
  • 1.10.1rc2
  • 1.10.2b2
  • 1.10.2rc1
  • 1.10.2rc2
  • ...
2022-08-15T09:12:09.264203Z Fix available
GHSA-8r7q-cvjq-x353
  • PyPI/jinja2
Incorrect Privilege Assignment in Jinja2
  • 2.0
  • 2.0rc1
  • 2.1
  • 2.1.1
  • 2.2
  • 2.2.1
  • 2.3
  • ...
2022-08-15T09:12:08.687233Z Fix available