- All ecosystems: 75685
- AlmaLinux: 2471
- Alpine: 3286
- Android: 807
- Bitnami: 6914
- CRAN: 9
- crates.io: 1223
- Debian: 9624
- GitHub Actions: 11
- Go: 1760
- Hackage: 15
- Hex: 25
- Linux: 13573
- Maven: 4207
- npm: 12763
- NuGet: 533
- OSS-Fuzz: 3090
- Packagist: 2365
- Pub: 5
- PyPI: 11206
- Rocky Linux: 1030
- RubyGems: 740
- SwiftURL: 28

| ID | Packages | Summary | Affected versions | Published | Fix |
| --- | --- | --- | --- | --- | --- |
| MAL-2023-8651 | | Malicious code in lodestone (PyPI) | 0.0.58, 0.0.59 | 2023-12-01T21:54:02Z | No fix available |
| GHSA-7vwr-g6pm-9hc8 | PyPI/fastapi-proxy-lib | Cookie leakage between different users in fastapi-proxy-lib | 0.0.1b0 | 2023-12-01T19:23:49Z | Fix available |
| GHSA-r8j9-5cj7-cv39 | PyPI/dpaste | Reflected XSS Vulnerability in dpaste | 2.0, 2.1, 2.10, 2.11, 2.12, 2.13, 2.13a0, ... | 2023-12-01T19:23:16Z | Fix available |
| GHSA-jfhm-5ghh-2f97 | PyPI/cryptography | cryptography vulnerable to NULL-dereference when loading PKCS7 certificates | 3.1, 3.1.1, 3.2, 3.2.1, 3.3, 3.3.1, 3.3.2, ... | 2023-11-28T20:46:46Z | Fix available |
| GHSA-f678-j579-4xf5 | PyPI/apache-superset | Apache Superset - Elevation of Privilege | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-28T18:56:21Z | Fix available |
| GHSA-3hp7-4qq4-v5c6 | PyPI/apache-superset | Apache Superset Allocation of Resources Without Limits or Throttling vulnerability | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-28T18:30:23Z | Fix available |
| GHSA-fgpw-4w69-j256 | PyPI/apache-superset | Apache Superset Exposure of Sensitive Information to an Unauthorized Actor vulnerability | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-28T18:30:23Z | Fix available |
| GHSA-hc74-9vjm-c9xv | PyPI/apache-superset | Apache Superset Open Redirect vulnerability | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-28T18:30:23Z | Fix available |
| GHSA-q3qx-c6g2-7pw2 | PyPI/aiohttp | aiohttp's ClientSession is vulnerable to CRLF injection via version | 0.1, 0.10.0, 0.10.1, 0.10.2, 0.11.0, 0.12.0, 0.13.0, ... | 2023-11-27T23:17:42Z | Fix available |
| GHSA-qvrw-v9rv-5rjx | PyPI/aiohttp | aiohttp's ClientSession is vulnerable to CRLF injection via method | 0.1, 0.10.0, 0.10.1, 0.10.2, 0.11.0, 0.12.0, 0.13.0, ... | 2023-11-27T23:17:24Z | Fix available |
| GHSA-pjjw-qhg8-p2p9 | PyPI/aiohttp | aiohttp has vulnerable dependency that is vulnerable to request smuggling | 0.1, 0.10.0, 0.10.1, 0.10.2, 0.11.0, 0.12.0, 0.13.0, ... | 2023-11-27T23:15:38Z | Fix available |
| GHSA-392c-vjfv-h7wr | PyPI/apache-superset | Apache Superset - Elevation of Privilege | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-27T12:30:55Z | Fix available |
| GHSA-vv65-fjfj-4736 | PyPI/apache-superset | Apache Superset has Incorrect Default Permissions | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-27T12:30:55Z | Fix available |
| GHSA-wq8q-99p5-xfrw | PyPI/apache-superset | Apache Superset Cross-site Scripting vulnerability | 0.34.0, 0.34.1, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.37.1, ... | 2023-11-27T12:30:55Z | Fix available |
| GHSA-rqr8-pxh7-cq3g | PyPI/eth-abi | Ethereum ABI decoder DoS when parsing ZST | 0.5.0, 1.0.0, 1.0.0b0, 1.0.0b1, 1.1.0, 1.1.1, 1.2.0, ... | 2023-11-24T16:54:11Z | Fix available |
| GHSA-cf9f-wmhp-v4pr | PyPI/nautobot | Cross-site Scripting potential in custom links, job buttons, and computed fields | 1.0.0, 1.0.0a1, 1.0.0a2, 1.0.0b1, 1.0.0b2, 1.0.0b3, 1.0.0b4, ... | 2023-11-22T20:55:54Z | Fix available |

PyPI - OSV