Vulnerabilities

Columns: ID, Packages, Summary, Published, Attributes
GHSA-45pg-36p6-83v9
  • PyPI/langchain-community
Langchain-Community SQL Injection vulnerability (published yesterday)
  • Fix available
  • Severity - 2.1 (Low)
GHSA-9298-4cf8-g4wj
  • PyPI/waitress
Waitress has request processing race condition in HTTP pipelining with invalid first request (published yesterday)
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-3f84-rpwh-47g6
  • PyPI/waitress
Waitress vulnerable to DoS leading to high CPU usage/resource exhaustion (published yesterday)
  • Fix available
  • Severity - 8.7 (High)
GHSA-j945-c44v-97g6
  • Maven/net.sf.mpxj:mpxj
  • RubyGems/mpxj
  • PyPI/mpxj
  • NuGet/net.sf.mpxj
  • NuGet/net.sf.mpxj-for-csharp
  • NuGet/net.sf.mpxj-for-vb
  • NuGet/MPXJ.Net
MPXJ has a Potential Path Traversal Vulnerability (published 2 days ago)
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-w7hq-f2pj-c53g
  • PyPI/pyload-ng
pyLoad vulnerable to remote code execution by download to /.pyload/scripts using /flashgot API (published 2 days ago)
  • Fix available
  • Severity - 8.5 (High)
MAL-2024-10241
  • Not specified
Malicious code in youreallydontwantthispackage2131 (PyPI) (published 2 days ago)
  • No fix available
MAL-2024-10239
  • Not specified
Malicious code in debug-toolbar (PyPI) (published 3 days ago)
  • No fix available
MAL-2024-10238
  • Not specified
Malicious code in 123bla (PyPI) (published 3 days ago)
  • No fix available
MAL-2024-10236
  • Not specified
Malicious code in blab111 (PyPI) (published 4 days ago)
  • No fix available
GHSA-q34m-jh98-gwm2
  • PyPI/werkzeug
  • PyPI/quart
Werkzeug possible resource exhaustion when parsing file data in forms (published 5 days ago)
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-f9vj-2wh5-fj8j
  • PyPI/werkzeug
Werkzeug safe_join not safe on Windows (published 5 days ago)
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-5vvg-pvhp-hv2m
  • PyPI/snowflake-connector-python
The Snowflake Connector for Python stores sensitive data in logs (published 6 days ago)
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-3vpc-4p9p-47hc
  • PyPI/curl-cffi
curl_cffi bundles a version of libcurl affected by High Severity vulnerability (published 22 Oct)
  • Fix available
MAL-2024-9451
  • Not specified
Malicious code in artifact-lab-3-package-24ddbc49 (PyPI) (published 22 Oct)
  • No fix available
MAL-2024-9446
  • Not specified
Malicious code in flag-leak-r (PyPI) (published 22 Oct)
  • No fix available
GHSA-9rw2-jf8x-cgwm
  • PyPI/flair
Flair allows arbitrary code execution (published 17 Oct)
  • No fix available
  • Severity - 6.3 (Medium)