OSV - Open Source Vulnerabilities

GHSA-4hfh-fch3-5q7p

SwiftURL/leaf-kit

Leaf-kit html escaping does not work on characters that are part of extended grapheme cluster

19 Feb

Fix available
Severity - 6.1 (Medium)

GHSA-cq3j-qj2h-6rv3

SwiftURL/github.com/apple/container
SwiftURL/github.com/apple/containerization

Container and Containerization archive extraction does not guard against escapes from extraction base directory.

22 Jan

Fix available
Severity - 1.9 (Low)

GHSA-mvpq-2v8x-ww6g

SwiftURL/github.com/swift-otel/swift-otel
SwiftURL/github.com/swift-otel/swift-w3c-trace-context

Swift W3C TraceContext vulnerable to a malformed HTTP header causing a crash

21 Jan

Fix available
Severity - 5.3 (Medium)

GHSA-88q6-jcjg-hvmw

SwiftURL/github.com/beatt83/jose-swift

jose-swift has JWT Signature Verification Bypass via None Algorithm

09 Jan

No fix available
Severity - 8.8 (High)

GHSA-pc9j-5v36-2mww

SwiftURL/github.com/awslabs/aws-sdk-swift

AWS SDK for Swift adopted defense in depth enhancement for region parameter value

08 Jan

Fix available
Severity - 3.7 (Low)

GHSA-xvr7-p2c6-j83w

SwiftURL/github.com/apple/swift-nio-http2

swift-nio-http2 affected by HTTP/2 MadeYouReset vulnerability

13 Aug 2025

Fix available
Severity - 6.3 (Medium)

GHSA-84m3-f99p-cqx5

Maven/org.pytorch:executorch-android
PyPI/executorch
SwiftURL/executorch

ExecuTorch integer overflow vulnerability

08 Aug 2025

Fix available
Severity - 9.8 (Critical)

GHSA-9m39-3mf3-xwch

Maven/org.pytorch:executorch-android
PyPI/executorch
SwiftURL/executorch

ExecuTorch heap buffer overflow vulnerability

08 Aug 2025

Fix available
Severity - 9.8 (Critical)

GHSA-f9hx-c6jf-3qxm

Maven/org.pytorch:executorch-android
PyPI/executorch
SwiftURL/executorch

ExecuTorch out-of-bounds access vulnerability

08 Aug 2025

Fix available
Severity - 9.8 (Critical)

GHSA-hj95-mhgf-jxc4

Maven/org.pytorch:executorch-android
PyPI/executorch
SwiftURL/executorch

ExecuTorch integer overflow vulnerability

08 Aug 2025

Fix available
Severity - 9.8 (Critical)

GHSA-xc7w-r669-48pf

Maven/org.pytorch:executorch-android
PyPI/executorch
SwiftURL/executorch

ExecuTorch vulnerable to Heap-based Buffer Overflow

08 Aug 2025

Fix available
Severity - 9.8 (Critical)

GHSA-h952-963h-rv99

Maven/org.pytorch:executorch-android
PyPI/executorch
SwiftURL/executorch

ExecuTorch vulnerable to Heap-based Buffer Overflow attack

11 Jul 2025

Fix available
Severity - 8.1 (High)

GHSA-wc9m-r3v6-9p5h

SwiftURL/github.com/sparkle-project/Sparkle

Sparkle Signing Checks Bypass

04 Feb 2025

Fix available
Severity - 7.3 (High)

GHSA-w8xv-rwgf-4fwh

SwiftURL/github.com/apple/swift-asn1

CVE-2025-0343: Swift ASN.1 can crash when parsing maliciously formed BER/DER

14 Jan 2025

Fix available

GHSA-fmq6-4w57-2w3v

PyPI/pywasm3
SwiftURL/github.com/shareup/wasm-interpreter-apple
crates.io/wasm3

wasm3 uncontrolled memory allocation vulnerability

09 Nov 2024

No fix available
Severity - 6.9 (Medium)

GHSA-x768-cvr2-345r

SwiftURL/github.com/swift-server/swift-prometheus

Un-sanitized metric name or labels can be used to take over exported metrics

29 Mar 2024

Fix available
Severity - 5.9 (Medium)

Load more...(2 pages left)