Vulnerability Library
| ID | Packages | Summary | Affected versions | Published | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-ppx5-q359-pvwj | PyPI/vyper | vyper's range(start, start + N) reverts for negative numbers | 0.3.10, 0.3.10rc1, 0.3.10rc2, 0.3.10rc3, 0.3.10rc4, 0.3.10rc5, 0.3.8, ... | 2024-04-25T19:53:43Z | Fix available |
| GHSA-xchq-w5r3-4wg3 | PyPI/vyper | vyper performs incorrect topic logging in raw_log | 0.1.0b1, 0.1.0b10, 0.1.0b11, 0.1.0b12, 0.1.0b13, 0.1.0b14, 0.1.0b15, ... | 2024-04-25T19:53:10Z | No fix available |
| GHSA-r56x-j438-vw5m | PyPI/vyper | vyper performs double eval of the slice args when buffer from adhoc locations | 0.1.0b1, 0.1.0b10, 0.1.0b11, 0.1.0b12, 0.1.0b13, 0.1.0b14, 0.1.0b15, ... | 2024-04-25T19:51:41Z | No fix available |
| GHSA-3whq-64q2-qfj6 | PyPI/vyper | vyper performs double eval of raw_args in create_from_blueprint | 0.1.0b1, 0.1.0b10, 0.1.0b11, 0.1.0b12, 0.1.0b13, 0.1.0b14, 0.1.0b15, ... | 2024-04-25T19:50:50Z | No fix available |
| GHSA-m2v9-w374-5hj9 | PyPI/vyper | vyper default functions don't respect nonreentrancy keys | 0.1.0b1, 0.1.0b10, 0.1.0b11, 0.1.0b12, 0.1.0b13, 0.1.0b14, 0.1.0b15, ... | 2024-04-25T19:50:35Z | Fix available |
| GHSA-5jrj-52x8-m64h | PyPI/vyper | vyper performs double eval of the argument of sqrt | 0.1.0b1, 0.1.0b10, 0.1.0b11, 0.1.0b12, 0.1.0b13, 0.1.0b14, 0.1.0b15, ... | 2024-04-25T19:50:16Z | No fix available |
| GHSA-3f7w-p8vr-4v5f | PyPI/pyload-ng | pyLoad allows upload to arbitrary folder lead to RCE | 0.5.0a5.dev528, 0.5.0a5.dev532, 0.5.0a5.dev535, 0.5.0a5.dev536, 0.5.0a5.dev537, 0.5.0a5.dev539, 0.5.0a5.dev540, ... | 2024-04-24T21:16:59Z | No fix available |
| GHSA-2gr8-3wc7-xhj3 | PyPI/social-auth-app-django | social-auth-app-django affected by Improper Handling of Case Sensitivity | 0.0.1, 0.1.0, 1.0.0, 1.0.1, 1.1.0, 1.2.0, 2.0.0, ... | 2024-04-24T18:47:21Z | Fix available |
| GHSA-3h7q-rfh9-xm4v | PyPI/matrix-synapse | Synapse V2 state resolution weakness allows Denial of Service (DoS) | 0.33.5, 0.33.5.1, 0.33.6, 0.33.6rc1, 0.33.7, 0.33.7rc1, 0.33.7rc2, ... | 2024-04-23T21:15:46Z | Fix available |
| PYSEC-2024-50 | github.com/element-hq/synapse, PyPI/matrix-synapse | See record for full details | 0.33.5, 0.33.5.1, 0.33.6, 0.33.6rc1, 0.33.7, 0.33.7rc1, 0.33.7rc2, ... | 2024-04-23T18:15:00Z | Fix available |
| GHSA-w228-rfpx-fhm4 | PyPI/cg | cg vulnerable to an Open Redirect Vulnerability on Referer Header | 0.9.0, 0.9.1, 1.0.0, 1.0.0b2, 12.1.3, 12.1.4, 12.1.5, ... | 2024-04-23T16:21:22Z | Fix available |
| GHSA-p72q-h37j-3hq7 | PyPI/dbt-core | dbt uses a SQLparse version with a high vulnerability | 1.6.0, 1.6.1, 1.6.10, 1.6.11, 1.6.12, 1.6.1rc1, 1.6.2, ... | 2024-04-22T22:17:59Z | Fix available |
| GHSA-rfm2-f94j-qhjp | PyPI/storlets | OpenStack Storlets arbitrary code execution vulnerability | 0.1, 0.3.1.dev55, 0.6.0, 0.7.0, 1.0.0, 10.0.0, 10.0.0.0rc1, ... | 2024-04-22T12:30:33Z | Fix available |
| GHSA-3gg8-mc87-cq3h | PyPI/apache-airflow-providers-ftp | Improper Certificate Validation vulnerability in Apache Airflow FTP Provider | 1.0.0, 1.0.0b1, 1.0.0b2, 1.0.0rc1, 1.0.1, 1.0.1rc1, 1.1.0, ... | 2024-04-21T18:30:36Z | Fix available |
| GHSA-84pr-m4jr-85g5 | PyPI/flask-cors | flask-cors vulnerable to log injection when the log level is set to debug | 1.0, 1.1, 1.1.1, 1.1.2, 1.1.3, 1.10.0, 1.10.1, ... | 2024-04-19T21:31:08Z | No fix available |
| GHSA-6cjm-4pxw-7xp9 | PyPI/sentry | Sentry vulnerable to leaking superuser cleartext password in logs | See details. | 2024-04-18T18:22:42Z | Fix available |
PyPI - OSV