Vulnerabilities

ID
Packages
Summary
Published
Attributes
MAL-2024-11248
  • Not specified
Malicious code in gwinpy (PyPI) 1 hour ago
  • No fix available
GHSA-8498-2h75-472j
  • PyPI/django
Django denial-of-service in django.utils.html.strip_tags() 2 days ago
  • Fix available
  • Severity - 6.6 (Medium)
GHSA-m9g8-fxxm-xg86
  • PyPI/django
Django SQL injection in HasKey(lhs, rhs) on Oracle 2 days ago
  • Fix available
  • Severity - 7.2 (High)
GHSA-5jc6-h9w7-jm3p
  • PyPI/mobsf
Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality 5 days ago
  • Fix available
  • Severity - 6.2 (Medium)
GHSA-56w4-5538-8v8h
  • PyPI/matrix-synapse
Synapse Matrix has a partial room state leak via Sliding Sync 5 days ago
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-vp6v-whfm-rv3g
  • PyPI/matrix-synapse
Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders 5 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-f3r3-h2mq-hx2h
  • PyPI/matrix-synapse
Synapse allows a malformed invite to break the invitee's `/sync` 5 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-rfq8-j7rh-8hf2
  • PyPI/matrix-synapse
Synapse allows unsupported content types to lead to memory exhaustion 5 days ago
  • Fix available
  • Severity - 8.2 (High)
GHSA-gjgr-7834-rhxr
  • PyPI/matrix-synapse
Synapse's unauthenticated writes to the media repository allow planting of problematic content 5 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-4mhg-xv73-xq2x
  • PyPI/matrix-synapse
Synapse denial of service through media disk space consumption 5 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-59g5-xgcq-4qw3
  • PyPI/python-multipart
Denial of service (DoS) via deformation `multipart/form-data` boundary 5 days ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-p57h-3cmc-xpjq
  • PyPI/zhmcclient
Python package "zhmcclient" stores passwords in clear text in its HMC and API logs 6 days ago
  • Fix available
  • Severity - 6.2 (Medium)
GHSA-75c5-xw7c-p5pm
  • PyPI/pyjwt
PyJWT Issuer field partial matches allowed 6 days ago
  • Fix available
  • Severity - 2.1 (Low)
GHSA-q6mv-284r-mp36
  • PyPI/check-jsonschema
check-jsonschema default caching for remote schemas allows for cache confusion 6 days ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-x4x5-jx9j-mmv7
  • PyPI/pyspider
pyspider Cross-site Scripting vulnerability 29 Nov
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-v7vm-rhmg-8j2r
  • PyPI/ethyca-fides
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API 26 Nov
  • Fix available
  • Severity - 1.9 (Low)