Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
PYSEC-2026-1932
  • PyPI/social-auth-app-django
Python Social Auth - Django has unsafe account association 4 days ago
  • Fix available
  • Severity - 6.3 (Medium)
PYSEC-2026-1931
  • PyPI/social-auth-app-django
social-auth-app-django affected by Improper Handling of Case Sensitivity 4 days ago
  • Fix available
  • Severity - 4.9 (Medium)
PYSEC-2026-459
  • PyPI/plone-app-contenttypes
Plone Unauthenticated Write Vulnerability 29 Jun
  • No fix available
  • Severity - 9.3 (Critical)
MAL-2026-2570
  • PyPI/robase-app
Malicious code in robase-app (PyPI) 12 Apr
  • No fix available
GHSA-wv4w-6qv2-qqfg
  • PyPI/social-auth-app-django
Python Social Auth - Django has unsafe account association 09 Oct 2025
  • Fix available
  • Severity - 6.3 (Medium)
MAL-2025-48892
  • PyPI/hackerone-app-sdk
Malicious code in hackerone-app-sdk (PyPI) 17 Sep 2025
  • No fix available
MAL-2025-191815
  • PyPI/pokemon-app-sdk
Malicious code in pokemon-app-sdk (PyPI) 13 Sep 2025
  • No fix available
GHSA-2gr8-3wc7-xhj3
  • PyPI/social-auth-app-django
social-auth-app-django affected by Improper Handling of Case Sensitivity 24 Apr 2024
  • Fix available
  • Severity - 4.9 (Medium)
GHSA-5v8v-66v8-mwm7
  • NuGet/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm
  • NuGet/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm64
  • NuGet/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x64
  • NuGet/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-x86
  • NuGet/Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.browser-wasm
  • ... 113 more
Integer overflow in the bundled Brotli C library 24 May 2022
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-w6g9-xccc-347h
  • PyPI/plone
  • PyPI/plone-app-contenttypes
Plone Unauthenticated Write Vulnerability 24 May 2022
  • No fix available
  • Severity - 9.3 (Critical)
GHSA-qqr6-vm23-m488
  • PyPI/galaxy-app
Galaxy cross-site scripting (XSS) 14 May 2022
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-f7qw-5fgj-247x
  • PyPI/plone-app-contenttypes
Cross-site Scripting and Open Redirect in plone.app.contenttypes 01 Feb 2022
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-xr38-w74q-r8jv
  • PyPI/invenio-app-rdm
  • PyPI/invenio-drafts-resources
  • PyPI/invenio-rdm-records
Permissions not properly checked in Invenio-Drafts-Resources 06 Dec 2021
  • Fix available
  • Severity - 5.1 (Medium)
PYSEC-2021-837
  • PyPI/invenio-app-rdm
  • github.com/inveniosoftware/invenio-drafts-resources
See record for full details 06 Dec 2021
  • Fix available
GHSA-2c8c-84w2-j38j
  • PyPI/plone
  • PyPI/plone-app-dexterity
  • PyPI/plone-app-event
  • PyPI/plone-app-theming
  • PyPI/plone-supermodel
Improper Restriction of XML External Entity Reference in Plone 07 Apr 2021
  • Fix available
  • Severity - 8.7 (High)
GHSA-x7wf-5mjc-6x76
  • PyPI/plone
  • PyPI/plone-app-dexterity
  • PyPI/plone-app-event
  • PyPI/plone-app-theming
  • PyPI/plone-supermodel
SSRF attacks via tracebacks in Plone 07 Apr 2021
  • Fix available
  • Severity - 8.7 (High)