Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
770013
AlmaLinux
5327
Alpaquita
11489
Alpine
4284
Android
2912
Azure Linux
12016
BellSoft Hardened Containers
574
Bitnami
8391
Chainguard
9390
CleanStart
1780
CRAN
14
crates.io
2564
Debian
59819
Echo
4229
GHC
3
GIT
92627
GitHub Actions
54
Go
8176
Hackage
32
Hex
187
Julia
1098
Linux
25283
Mageia
6025
Maven
6699
MinimOS
89124
npm
222641
NuGet
1772
opam
19
openEuler
7236
openSUSE
13513
OSS-Fuzz
3967
Packagist
6714
Pub
11
PyPI
23822
Red Hat
21280
Rocky Linux
3674
Root
17522
RubyGems
4565
SUSE
21424
SwiftURL
58
TuxCare
5803
Ubuntu
57348
VSCode
20
Wolfi
6527
ID
Packages
Summary
Published
arrow_upward
Attributes
HSEC-2026-0008
Hackage/crypton-x509
Hackage/crypton-x509-validation
Hackage/x509
Hackage/x509-validation
crypton-x509-validation and crypton-x509 do not enforce X.509 Name Constraints
03 Jun
Fix available
Severity - 6.8 (Medium)
HSEC-2026-0007
Hackage/aeson
Hackage/text-iso8601
Denial of Service and Memory Exhaustion in aeson and text-iso8601
22 May
Fix available
Severity - 7.5 (High)
HSEC-2026-0006
Hackage/Cabal
Cabal deletes project source files during configure
08 Apr
No fix available
Severity - 5.5 (Medium)
HSEC-2026-0004
Hackage/hackage-server
Hackage package metadata stored XSS vulnerability
28 Mar
No fix available
Severity - 9.9 (Critical)
HSEC-2026-0002
Hackage/hackage-server
Hackage CSRF vulnerability
28 Mar
No fix available
Severity - 9.6 (Critical)
HSEC-2024-0004
Hackage/hackage-server
Hackage package and doc upload stored XSS vulnerability
16 Jan
Fix available
Severity - 9.9 (Critical)
HSEC-2025-0007
Hackage/cmark-gfm
cmark-gfm: resource exhaustion due to quadratic complexity in parser
27 Dec 2025
Fix available
Severity - 7.5 (High)
HSEC-2025-0006
Hackage/crypton-x509-store
Hackage/x509-store
Private key leak via inherited file descriptor
17 Nov 2025
Fix available
Severity - 5.3 (Medium)
HSEC-2023-0001
Hackage/aeson
Hash flooding vulnerability in aeson
14 Nov 2025
Fix available
Severity - 6.5 (Medium)
HSEC-2023-0002
Hackage/biscuit-haskell
Improper Verification of Cryptographic Signature
14 Nov 2025
Fix available
Severity - 9.8 (Critical)
HSEC-2023-0003
Hackage/xmonad-contrib
code injection in xmonad-contrib
14 Nov 2025
Fix available
Severity - 7.5 (High)
HSEC-2023-0004
Hackage/xml-conduit
xml-conduit unbounded entity expansion
14 Nov 2025
Fix available
Severity - 7.5 (High)
HSEC-2023-0005
Hackage/tls-extra
tls-extra: certificate validation does not check Basic Constraints
14 Nov 2025
Fix available
Severity - 9.1 (Critical)
HSEC-2023-0006
Hackage/x509-validation
x509-validation does not enforce pathLenConstraint
14 Nov 2025
Fix available
Severity - 5.7 (Medium)
HSEC-2023-0007
Hackage/base
Hackage/toml-reader
readFloat: memory exhaustion with large exponent
14 Nov 2025
Fix available
Severity - 7.5 (High)
HSEC-2023-0008
Hackage/hledger-web
Stored XSS in hledger-web
14 Nov 2025
Fix available
Severity - 5.4 (Medium)
Load more...
(1 page left)
Hackage - OSV