org.apache.hugegraph:hg-pd-dist (=1.5.0), org.apache.hugegraph:hg-pd-service (=1.5.0) +1 more potentially affected by CVE-2025-26866 via org.apache.hugegraph:hg-pd-core (=1.5.0)

org.apache.hugegraph:hg-pd-core MAVEN version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hugegraph:hg-pd-core and may be impacted: - org.apache.hugegraph:hg-pd-dist =1.5.0 - org.apache.hugegraph:hg-pd-service =1.5.0 -...

EUVD-2022-1341

Malicious code in bioql PyPI...

CVE-2015-8371

Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because of the way that dist packages are cached. The cache key is derived from the package name, the dist...

chellow (>=2050.0.0 <=2230.0.0), dcicsnovault (>=2.0.0b0 <=2.0.0b11) +11 more potentially affected by CVE-2019-16786 via waitress (>=0.8.10 <=1.3.1)

waitress PYPI version =0.8.10, =2050.0.0, =2.0.0b0, =1.4.0, =17.4.0, =1.1.0.dev20170908, =1.3.7, =0.9.1, =1.0.3, =1.0.4 Source cves: CVE-2019-16786 Source advisory: OSV:GHSA-G2XC-35JW-C63P...