Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-4pqm-j46f-795x
  • PyPI/hermes-agent
Hermes Agent contains a DNS rebinding vulnerability in WebSocket endpoints that allows remote attackers to bypass Host and Origin validation 17 Jun
  • Fix available
  • Severity - 8.7 (High)
GHSA-99f9-j8r3-p853
  • PyPI/hermes-agent
Hermes Agent creates response_store.db and webhook_subscriptions.json with world-readable permissions (mode 0o644) 17 Jun
  • Fix available
  • Severity - 6.8 (Medium)
GHSA-mv8x-fg99-32mf
  • PyPI/hermes-agent
hermes-agent has an Injection issue 01 Jun
  • Fix available
  • Severity - 2.9 (Low)
GHSA-cv5c-mh6j-wvp9
  • PyPI/hermes-agent
hermes-agent has an Incorrect Comparison 26 May
  • Fix available
  • Severity - 1.9 (Low)
GHSA-wm96-9gfh-vvgq
  • PyPI/hermes-agent
hermes-agent has a sandbox issue 26 May
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-pgp4-xr4j-h5cg
  • PyPI/hermes-agent
hermes-agent has an Injection issue 26 May
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-238w-f66p-w349
  • PyPI/hermes-agent
hermes-agent has an Injection issue 26 May
  • Fix available
  • Severity - 5.5 (Medium)