Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-m435-9v6r-v5f6
  • PyPI/mobsf
 MobSF vulnerability allows SSRF due to the allow_redirects=True parameter yesterday
  • Fix available
  • Severity - 7.5 (High)
GHSA-xj56-p8mm-qmxj
  • PyPI/llamafactory
 LLaMA-Factory allows Code Injection through improper vhead_file safeguards yesterday
  • No fix available
  • Severity - 8.3 (High)
GHSA-9r64-3wmc-x8m8
  • PyPI/apache-airflow-providers-snowflake
 Apache Airflow Providers Snowflake package allows for Special Element Injection via CopyFromExternalStageToSnowflakeOperator 2 days ago
  • Fix available
  • Severity - 9.8 (Critical)
PYSEC-2025-51
  • PyPI/apache-airflow-providers-snowflake
 See record for full details 5 days ago
  • Fix available
MAL-2025-5239
  • PyPI/youreallydontwantthispackage2132
 Malicious code in youreallydontwantthispackage2132 (PyPI) 5 days ago
  • No fix available
GHSA-8gff-cf92-72pv
  • PyPI/pyspur
 pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function 5 days ago
  • No fix available
  • Severity - 2.1 (Low)
GHSA-h5gc-rm8j-5gpr
  • PyPI/langchain-community
 LangChain Community SSRF vulnerability exists in RequestsToolkit component 5 days ago
  • Fix available
  • Severity - 8.4 (High)
GHSA-hwpg-x5hw-vpv9
  • PyPI/changedetection-io
 ChangeDetection.io XSS in watch overview 5 days ago
  • Fix available
  • Severity - 7.0 (High)
GHSA-wxj7-3fx5-pp9m
  • PyPI/mlflow
 MLFlow SSRF via gateway_proxy_handler 5 days ago
  • Fix available
  • Severity - 5.8 (Medium)
PYSEC-2025-52
  • PyPI/mlflow
  • github.com/mlflow/mlflow
 See record for full details 5 days ago
  • Fix available
GHSA-6qhv-4h7r-2g9m
  • PyPI/rfc3161-client
 rfc3161-client has insufficient verification for timestamp response signatures 20 Jun
  • Fix available
  • Severity - 9.3 (Critical)
GHSA-48p4-8xcf-vxj5
  • PyPI/urllib3
 urllib3 does not control redirects in browsers and Node.js 18 Jun
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-pq67-6m6q-mj2v
  • PyPI/urllib3
 urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation 18 Jun
  • Fix available
  • Severity - 5.3 (Medium)
MAL-2025-5143
  • PyPI/whee11
 Malicious code in whee11 (PyPI) 18 Jun
  • No fix available
MAL-2025-5144
  • PyPI/whel
 Malicious code in whel (PyPI) 18 Jun
  • No fix available
MAL-2025-5141
  • PyPI/wallettronpy
 Malicious code in wallettronpy (PyPI) 18 Jun
  • No fix available
Load more...