Vulnerability Library

ID | Packages | Summary | Affected versions | Published | Fix
GHSA-ppx5-q359-pvwj
  • PyPI/vyper
vyper's range(start, start + N) reverts for negative numbers
  • 0.3.10
  • 0.3.10rc1
  • 0.3.10rc2
  • 0.3.10rc3
  • 0.3.10rc4
  • 0.3.10rc5
  • 0.3.8
  • ...
2024-04-25T19:53:43Z Fix available
GHSA-xchq-w5r3-4wg3
  • PyPI/vyper
vyper performs incorrect topic logging in raw_log
  • 0.1.0b1
  • 0.1.0b10
  • 0.1.0b11
  • 0.1.0b12
  • 0.1.0b13
  • 0.1.0b14
  • 0.1.0b15
  • ...
2024-04-25T19:53:10Z No fix available
GHSA-r56x-j438-vw5m
  • PyPI/vyper
vyper performs double eval of the slice args when buffer from adhoc locations
  • 0.1.0b1
  • 0.1.0b10
  • 0.1.0b11
  • 0.1.0b12
  • 0.1.0b13
  • 0.1.0b14
  • 0.1.0b15
  • ...
2024-04-25T19:51:41Z No fix available
GHSA-3whq-64q2-qfj6
  • PyPI/vyper
vyper performs double eval of raw_args in create_from_blueprint
  • 0.1.0b1
  • 0.1.0b10
  • 0.1.0b11
  • 0.1.0b12
  • 0.1.0b13
  • 0.1.0b14
  • 0.1.0b15
  • ...
2024-04-25T19:50:50Z No fix available
GHSA-m2v9-w374-5hj9
  • PyPI/vyper
vyper default functions don't respect nonreentrancy keys
  • 0.1.0b1
  • 0.1.0b10
  • 0.1.0b11
  • 0.1.0b12
  • 0.1.0b13
  • 0.1.0b14
  • 0.1.0b15
  • ...
2024-04-25T19:50:35Z Fix available
GHSA-5jrj-52x8-m64h
  • PyPI/vyper
vyper performs double eval of the argument of sqrt
  • 0.1.0b1
  • 0.1.0b10
  • 0.1.0b11
  • 0.1.0b12
  • 0.1.0b13
  • 0.1.0b14
  • 0.1.0b15
  • ...
2024-04-25T19:50:16Z No fix available
GHSA-3f7w-p8vr-4v5f
  • PyPI/pyload-ng
pyLoad allows upload to arbitrary folder lead to RCE
  • 0.5.0a5.dev528
  • 0.5.0a5.dev532
  • 0.5.0a5.dev535
  • 0.5.0a5.dev536
  • 0.5.0a5.dev537
  • 0.5.0a5.dev539
  • 0.5.0a5.dev540
  • ...
2024-04-24T21:16:59Z No fix available
GHSA-2gr8-3wc7-xhj3
  • PyPI/social-auth-app-django
social-auth-app-django affected by Improper Handling of Case Sensitivity
  • 0.0.1
  • 0.1.0
  • 1.0.0
  • 1.0.1
  • 1.1.0
  • 1.2.0
  • 2.0.0
  • ...
2024-04-24T18:47:21Z Fix available
GHSA-3h7q-rfh9-xm4v
  • PyPI/matrix-synapse
Synapse V2 state resolution weakness allows Denial of Service (DoS)
  • 0.33.5
  • 0.33.5.1
  • 0.33.6
  • 0.33.6rc1
  • 0.33.7
  • 0.33.7rc1
  • 0.33.7rc2
  • ...
2024-04-23T21:15:46Z Fix available
PYSEC-2024-50
  • github.com/element-hq/synapse
  • PyPI/matrix-synapse
See record for full details
  • 0.33.5
  • 0.33.5.1
  • 0.33.6
  • 0.33.6rc1
  • 0.33.7
  • 0.33.7rc1
  • 0.33.7rc2
  • ...
2024-04-23T18:15:00Z Fix available
GHSA-w228-rfpx-fhm4
  • PyPI/cg
cg vulnerable to an Open Redirect Vulnerability on Referer Header
  • 0.9.0
  • 0.9.1
  • 1.0.0
  • 1.0.0b2
  • 12.1.3
  • 12.1.4
  • 12.1.5
  • ...
2024-04-23T16:21:22Z Fix available
GHSA-p72q-h37j-3hq7
  • PyPI/dbt-core
dbt uses a SQLparse version with a high vulnerability
  • 1.6.0
  • 1.6.1
  • 1.6.10
  • 1.6.11
  • 1.6.12
  • 1.6.1rc1
  • 1.6.2
  • ...
2024-04-22T22:17:59Z Fix available
GHSA-rfm2-f94j-qhjp
  • PyPI/storlets
OpenStack Storlets arbitrary code execution vulnerability
  • 0.1
  • 0.3.1.dev55
  • 0.6.0
  • 0.7.0
  • 1.0.0
  • 10.0.0
  • 10.0.0.0rc1
  • ...
2024-04-22T12:30:33Z Fix available
GHSA-3gg8-mc87-cq3h
  • PyPI/apache-airflow-providers-ftp
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider
  • 1.0.0
  • 1.0.0b1
  • 1.0.0b2
  • 1.0.0rc1
  • 1.0.1
  • 1.0.1rc1
  • 1.1.0
  • ...
2024-04-21T18:30:36Z Fix available
GHSA-84pr-m4jr-85g5
  • PyPI/flask-cors
flask-cors vulnerable to log injection when the log level is set to debug
  • 1.0
  • 1.1
  • 1.1.1
  • 1.1.2
  • 1.1.3
  • 1.10.0
  • 1.10.1
  • ...
2024-04-19T21:31:08Z No fix available
GHSA-6cjm-4pxw-7xp9
  • PyPI/sentry
Sentry vulnerable to leaking superuser cleartext password in logs
  • See details.
2024-04-18T18:22:42Z Fix available