Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
|---|---|---|---|---|
| GHSA-5qrq-9645-g5g2 | PyPI/ethyca-fides | ethyca-fides has a DOM-based XSS vulnerability in fides.js via fides_description override | 14 May | Fix available; Severity - 7.0 (High) |
| GHSA-qx5f-ghc2-7g5c | PyPI/ethyca-fides | Ethyca Fides has a Privacy Request Identity Verification Bypass Vulnerability via Duplicate Detection | 05 May | Fix available; Severity - 6.1 (Medium) |
| GHSA-hjfh-p8f5-24wr | PyPI/ethyca-fides | Fides Webserver API is Vulnerable to OAuth Client Privilege Escalation | 08 Sep 2025 | Fix available; Severity - 8.6 (High) |
| GHSA-fq34-xw6c-fphf | PyPI/ethyca-fides | Fides Webserver API Rate Limiting Vulnerability in Proxied Environments | 08 Sep 2025 | Fix available; Severity - 6.3 (Medium) |
| GHSA-7q62-r88r-j5gw | PyPI/ethyca-fides | Fides has a Lack of Brute-Force Protections on Authentication Endpoints | 08 Sep 2025 | Fix available; Severity - 2.3 (Low) |
| GHSA-rpw8-82v9-3q87 | PyPI/ethyca-fides | Fides' Admin UI User Password Change Does Not Invalidate Current Session | 08 Sep 2025 | Fix available; Severity - 1.7 (Low) |
| GHSA-v7vm-rhmg-8j2r | PyPI/ethyca-fides | Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API | 26 Nov 2024 | Fix available; Severity - 1.9 (Low) |
| GHSA-c34r-238x-f7qx | PyPI/ethyca-fides | Remote Code Execution Vulnerability via SSTI in Fides Webserver Jinja Email Templating Engine | 04 Sep 2024 | Fix available; Severity - 8.6 (High) |
| GHSA-2h46-8gf5-fmxv | PyPI/ethyca-fides | Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication | 04 Sep 2024 | Fix available |
| GHSA-53q7-4874-24qg | PyPI/ethyca-fides | Information Disclosure Vulnerability in Privacy Center of SERVER_SIDE_FIDES_API_URL | 05 Jul 2024 | Fix available; Severity - 5.3 (Medium) |
| GHSA-cvw4-c69g-7v7m | PyPI/ethyca-fides | Inclusion of Untrusted polyfill.io Code Vulnerability in fides.js | 02 Jul 2024 | Fix available |
| GHSA-rcvg-jj3g-rj7c | PyPI/ethyca-fides | Sensitive Data Disclosure Vulnerability in Connection Configuration Endpoints | 02 Jun 2024 | Fix available; Severity - 6.5 (Medium) |
| GHSA-8cm5-jfj2-26q7 | PyPI/ethyca-fides | Fides Webserver Logs Hosted Database Password Partial Exposure Vulnerability | 29 May 2024 | Fix available; Severity - 2.3 (Low) |
| GHSA-82vr-5769-6358 | PyPI/ethyca-fides | Ethyca Fides Cryptographically Weak Generation of One-Time Codes for Identity Verification | 16 Nov 2023 | Fix available; Severity - 8.2 (High) |
| GHSA-3vpf-mcj7-5h38 | PyPI/ethyca-fides | Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages | 08 Nov 2023 | Fix available; Severity - 4.3 (Medium) |
| GHSA-fgjj-5jmr-gh83 | PyPI/ethyca-fides | Fides JavaScript Injection Vulnerability in Privacy Center URL | 24 Oct 2023 | Fix available; Severity - 3.9 (Low) |