Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-xffm-g5w8-qvg7
  • npm/@eslint/plugin-kit
@eslint/plugin-kit is vulnerable to Regular Expression Denial of Service attacks through ConfigCommentParser 4 hours ago
  • Fix available
  • Severity - 7.7 (High)
CVE-2025-54310
  • Debian:11/qbittorrent
  • Debian:12/qbittorrent
  • Debian:13/qbittorrent
See record for full details 5 hours ago
  • Fix available
GHSA-5662-cv6m-63wh
  • Go/chainguard.dev/melange
melange's world-writable permissions expose SBOM files to potential image tampering 5 hours ago
  • Fix available
  • Severity - 4.4 (Medium)
GHSA-x6ph-r535-3vjw
  • Go/chainguard.dev/apko
apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files 5 hours ago
  • Fix available
  • Severity - 7.0 (High)
GHSA-fm79-3f68-h2fc
  • crates.io/wasmtime-wasi
Wasmtime CLI is vulnerable to host panic through its fd_renumber function 5 hours ago
  • Fix available
  • Severity - 3.5 (Low)
CGA-gqc6-c8ch-958v
  • Chainguard/cert-manager-1.12
  • Chainguard/cert-manager-acmesolver-1.12
  • Chainguard/cert-manager-acmesolver-1.12-bitnami-compat
  • Chainguard/cert-manager-acmesolver-1.12-iamguarded-compat
  • Chainguard/cert-manager-cainjector-1.12
  • Chainguard/cert-manager-cainjector-1.12-bitnami-compat
  • Chainguard/cert-manager-cainjector-1.12-iamguarded-compat
  • Chainguard/cert-manager-controller-1.12
  • Chainguard/cert-manager-controller-1.12-bitnami-compat
  • Chainguard/cert-manager-controller-1.12-iamguarded-compat
  • Chainguard/cert-manager-webhook-1.12
  • Chainguard/cert-manager-webhook-1.12-bitnami-compat
  • Chainguard/cert-manager-webhook-1.12-iamguarded-compat
  • Chainguard/cmctl-1.12
See record for full details 5 hours ago
  • Fix available
CGA-f59m-6vrr-qp9v
  • Chainguard/request-1276
  • Chainguard/request-1276-compat
See record for full details 6 hours ago
  • Fix available
GHSA-6v2p-p543-phr9
  • Go/golang.org/x/oauth2
golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability 7 hours ago
  • Fix available
  • Severity - 7.5 (High)
MAL-2025-6009
  • npm/protolab
Malicious code in protolab (npm) 8 hours ago
  • No fix available
CGA-9qh3-hfch-g4rf
  • Chainguard/airflow-core-2
  • Chainguard/airflow-core-2-compat
  • Chainguard/airflow-core-2-oci-entrypoint
See record for full details 9 hours ago
  • Fix available
MAL-2025-6008
  • npm/os-apps-ui-curvelibrary1
Malicious code in os-apps-ui-curvelibrary1 (npm) 9 hours ago
  • No fix available
MAL-2025-6007
  • PyPI/groq-mcp
Malicious code in groq-mcp (PyPI) 12 hours ago
  • No fix available
MAL-2025-6006
  • npm/everestsystems-content-core
Malicious code in everestsystems-content-core (npm) 12 hours ago
  • No fix available
RUSTSEC-2025-0046
  • crates.io/wasmtime
Host panic with `fd_renumber` WASIp1 function 13 hours ago
  • Fix available
  • Severity - 3.3 (Low)
USN-7651-2
  • Ubuntu:22.04:LTS/linux-ibm-6.8
  • Ubuntu:22.04:LTS/linux-lowlatency-hwe-6.8
  • Ubuntu:24.04:LTS/linux-ibm
  • Ubuntu:24.04:LTS/linux-lowlatency
linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities 15 hours ago
  • Fix available
RHSA-2025:11381
  • Red Hat:rhel_e4s:9.2::appstream/tomcat
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-admin-webapps
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-docs-webapp
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-el-3.0-api
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-jsp-2.3-api
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-lib
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-servlet-4.0-api
  • Red Hat:rhel_e4s:9.2::appstream/tomcat-webapps
Red Hat Security Advisory: tomcat security update 15 hours ago
  • Fix available
  • Severity - 8.1 (High)