Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-x698-5hjm-w2m5
  • PyPI/pyload-ng
pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages
Published yesterday
  • No fix available
  • Severity - 7.5 (High)
GHSA-j47q-rc62-w448
  • PyPI/fastapi-guard
fastapi-guard is vulnerable to ReDoS through inefficient regex
Published 2 days ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-q93c-p2mw-p23f
  • PyPI/dagster
Dagster vulnerable to Path Traversal attack through its /logs endpoint
Published 2 days ago
  • Fix available
  • Severity - 4.4 (Medium)
GHSA-2rhq-96q8-4vjq
  • PyPI/llama-index-core
LlamaIndex vulnerable to Path Traversal attack through its encode_image function
Published 2 days ago
  • Fix available
  • Severity - 7.5 (High)
PYSEC-2025-65
  • PyPI/llama-index
  • github.com/run-llama/llama_index
See record for full details
Published 2 days ago
  • Fix available
GHSA-3j8r-jf9w-5cmh
  • PyPI/llama-index-readers-obsidian
LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit
Published 2 days ago
  • Fix available
  • Severity - 6.2 (Medium)
GHSA-3wxx-q3gv-pvvv
  • PyPI/llama-index-core
LlamaIndex vulnerable to DoS attack through uncontrolled recursive JSON parsing
Published 2 days ago
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-j5pr-vrjj-9v4h
  • PyPI/lollms
Lord of Large Language Models vulnerable to Observable Discrepancy attack via authenticate_user function
Published 2 days ago
  • No fix available
  • Severity - 7.5 (High)
GHSA-489j-g2vx-39wf
  • PyPI/transformers
Transformers vulnerable to ReDoS attack through its SETTING_RE variable
Published 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-fmrf-6jv9-qjc7
  • PyPI/llama-index-readers-obsidian
LlamaIndex is vulnerable to Path Traversal attack through its ObsidianReader class
Published 2 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-jjph-296x-mrcr
  • PyPI/transformers
Transformers vulnerable to ReDoS attack through its get_imports() function
Published 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-p7j4-jwjf-5x9w
  • PyPI/llama-index-readers-papers
LlamaIndex vulnerability in ArxivReader class can cause MD5 hash collisions
Published 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-phhr-52qp-3mj4
  • PyPI/transformers
Transformers's Improper Input Validation vulnerability can be exploited through username injection
Published 2 days ago
  • Fix available
  • Severity - 3.5 (Low)
GHSA-q2wp-rjmx-x6x9
  • PyPI/transformers
Transformers's ReDoS vulnerability in get_configuration_file can lead to catastrophic backtracking
Published 2 days ago
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-w42r-mrx7-c633
  • PyPI/llama-index-readers-papers
LlamaIndex has an XML Entity Expansion vulnerability in its sitemap parser
Published 2 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-m84c-4c34-28gf
  • PyPI/llama-index-core
LlamaIndex has Incomplete Documentation of Program Execution related to JsonPickleSerializer component
Published 3 days ago
  • Fix available
  • Severity - 5.0 (Medium)