Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
149405
AlmaLinux
3014
Alpine
3485
Android
898
Bitnami
4275
Chainguard
13046
CRAN
10
crates.io
1403
Debian
16400
GIT
29013
GitHub Actions
16
Go
2579
Hackage
18
Hex
30
Linux
13573
Maven
4967
npm
17855
NuGet
1334
OSS-Fuzz
3372
Packagist
3948
Pub
8
PyPI
13756
Rocky Linux
1315
RubyGems
1585
SwiftURL
31
Ubuntu
5337
Wolfi
8137
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-rm86-h44c-2r2m
PyPI/nova
OpenStack Nova vulnerable to unauthorized access to potentially sensitive data
2 days ago
No fix available
Severity - 5.3 (Medium)
GHSA-fm88-hc3v-3www
PyPI/sentry
Sentry vulnerable to stored Cross-Site Scripting (XSS)
3 days ago
Fix available
Severity - 7.1 (High)
GHSA-hcmv-jmqh-fjgm
PyPI/ops
ops leaking secrets if `subprocess.CalledProcessError` happens with a `secret-*` CLI command
4 days ago
Fix available
Severity - 6.9 (Medium)
GHSA-9gq7-p5w9-w899
PyPI/anki
Ankitects Anki arbitrary script execution vulnerability
4 days ago
Fix available
Severity - 8.6 (High)
GHSA-q47p-v5rw-v574
PyPI/anki
Ankitects Anki LaTeX Blocklist Bypass vulnerability
4 days ago
Fix available
Severity - 2.3 (Low)
GHSA-x3r6-ccvq-cf5v
PyPI/anki
Anki Latex Incomplete Blocklist Vulnerability
4 days ago
Fix available
Severity - 6.0 (Medium)
GHSA-f8hx-f4xw-c646
PyPI/guardrails-ai
Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference
5 days ago
Fix available
Severity - 8.2 (High)
GHSA-j22r-3rf3-cv25
PyPI/calibreweb
Calibre-Web Cross Site Scripting (XSS)
19 Jul
No fix available
Severity - 5.1 (Medium)
GHSA-rwcj-7jjp-4w38
PyPI/puncia
[PUNCIA] [CWE-319] Cleartext Transmission of Sensitive Information via HTTP urls in `API_URLS`
19 Jul
Fix available
Severity - 2.1 (Low)
GHSA-hhpg-v63p-wp7w
PyPI/torchserve
TorchServe gRPC Port Exposure
18 Jul
Fix available
Severity - 8.7 (High)
GHSA-wxcx-gg9c-fwp2
PyPI/torchserve
TorchServe vulnerable to bypass of allowed_urls configuration
18 Jul
Fix available
Severity - 8.7 (High)
GHSA-g92j-qhmh-64v2
PyPI/sentry-sdk
Sentry's Python SDK unintentionally exposes environment variables to subprocesses
18 Jul
Fix available
Severity - 1.8 (Low)
GHSA-w8vc-cwv9-wx67
PyPI/roundup
Roundup Cross-site Scripting Vulnerability
17 Jul
Fix available
Severity - 5.3 (Medium)
GHSA-x37x-qf4v-f54f
PyPI/roundup
Roundup Cross-site Scripting Vulnerability
17 Jul
Fix available
Severity - 5.3 (Medium)
GHSA-xjgw-ghrx-wfff
PyPI/roundup
Roundup Cross-site Scripting Vulnerability
17 Jul
Fix available
Severity - 5.3 (Medium)
PYSEC-2024-63
PyPI/roundup
See record for full details
17 Jul
Fix available
Load more...
PyPI - OSV