Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
incorrect order of evaluation of side effects for some builtins Moderate
CVE-2023-41052 was published for vyper (pip) Sep 4, 2023
trocher
Vyper: reversed order of side effects for some operations Moderate
CVE-2023-40015 was published for vyper (pip) Sep 4, 2023
trocher
Vyper's nonpayable default functions are sometimes payable Moderate
CVE-2023-32675 was published for vyper (pip) May 22, 2023
trocher
wasmtime has a runtime crash when combining tail calls with trapping imports Moderate
CVE-2024-47763 was published for wasmtime (Rust) Oct 9, 2024
alexcrichton fitzgen
Requests `Session` object does not verify requests after making first request with verify=False Moderate
CVE-2024-35195 was published for requests (pip) May 20, 2024
mikeassel sigmavirus24
nateprewitt
eZ Platform Rules to disable executable access are ignored on Platform.sh (eZ Cloud) Moderate
GHSA-6xch-2vxx-5pvr was published for ezsystems/ezplatform (Composer) May 15, 2024
Incorrect control flow in Jenkins Gradle Plugin breaks credentials masking in the build log Moderate
CVE-2023-39152 was published for org.jenkins-ci.plugins:gradle (Maven) Jul 26, 2023
Always incorrect control flow in github.com/mojocn/base64Captcha Moderate
CVE-2023-45292 was published for github.com/mojocn/base64Captcha (Go) Dec 12, 2023
OpenZeppelin Contracts and Contracts Upgradeable duplicated execution of subcalls in v4.9.4 Moderate
CVE-2023-49798 was published for @openzeppelin/contracts (npm) Dec 12, 2023
Fiber unauthorized access vulnerability in `ctx.IsFromLocal()` Moderate
CVE-2023-41338 was published for github.com/gofiber/fiber (Go) Sep 8, 2023
schicho gaby
efectn jozsefsallai ReneWerner87
Incorrect is_static parameter for custom stateful precompiles in SputnikVM (evm) Moderate
CVE-2022-39354 was published for evm (Rust) Oct 25, 2022
Missing Handler in @scandipwa/magento-scripts Moderate
CVE-2021-32684 was published for @scandipwa/magento-scripts (npm) Jun 21, 2021
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs Moderate
CVE-2022-41884 was published for tensorflow (pip) Nov 21, 2022
Solana Pay Vulnerable to Weakness in Transfer Validation Logic Moderate
CVE-2022-35917 was published for @solana/pay (npm) Aug 6, 2022
cmowenby
ProTip! Advisories are also available from the GraphQL API