CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-0098

Malicious code in bioql PyPI...

8.6CVSS6.3AI score0.14207EPSS

Exploits0References7

vulnersOsv•added 2024/12/10 6:31 a.m.•2 views

aws-service-catalog-factory (>=0.4.0 <=0.102.1), aws-service-catalog-puppet (>=0.1.0 <=0.253.0) +71 more potentially affected by CVE-2024-21542 via luigi (>=1.3.0 <=3.5.2)

luigi PYPI version =1.3.0, =0.4.0, =0.1.0, =0.3.1, =0.4.0, =0.0.8, =0.40.0, =1.0.1, =0.4.0, =1.0.0a20, =0.5.0, =0.0.7, =0.1.0, =0.1.0, =0.2.3, =0.10.20 and more Source cves: CVE-2024-21542 Source advisory: OSV:GHSA-8QCH-VJ6M-2694...

8.6CVSS5.8AI score0.14207EPSS

Exploits0

OSV•added 2024/12/10 5:15 a.m.•5 views

CVE-2024-21542

Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip due to improper destination file path validation in the extractpackagesarchive function...

7.7CVSS6.7AI score0.14207EPSS

Exploits0References5

NVD•added 2024/12/10 5:15 a.m.•15 views

CVE-2024-21542

8.6CVSS0.14207EPSS

Exploits0References5

OSV•added 2024/12/10 5:15 a.m.•7 views

PYSEC-2024-159

8.6CVSS8.6AI score0.14207EPSS

Exploits0References5

vulnersOsv•added 2024/12/10 5:15 a.m.•0 views

aws-service-catalog-factory (>=0.4.0 <=0.102.1), aws-service-catalog-puppet (>=0.1.0 <=0.253.0) +71 more potentially affected by CVE-2024-21542 via luigi (>=1.3.0 <=3.5.2)

8.6CVSS5.8AI score0.14207EPSS

Exploits0

Cvelist•added 2024/12/10 5:0 a.m.•240 views

CVE-2024-21542

8.6CVSS0.14207EPSS

Exploits0References5

vulnersOsv•added 2024/08/24 11:15 a.m.•2 views

aws-service-catalog-factory (>=0.102.0 <=0.102.1), aws-service-catalog-puppet (>=0.96.0 <=0.253.0) +68 more potentially affected by CVE-2024-21542 via luigi (>=3.0.0b2 <=3.5.2)

luigi PYPI version =3.0.0b2, =0.102.0, =0.96.0, =0.4.0, =0.0.8, =0.40.0, =1.0.1, =0.4.0, =1.0.0a20, =0.5.0, =0.0.7, =0.1.0, =0.1.0, =0.2.3, =0.1.0, =0.1.12, =0.1.15 and more Source cves: CVE-2024-21542 Source advisory: SNYK:PYTHON-LUIGI-7830489...

8.6CVSS5.8AI score0.14207EPSS

Exploits0

vulnersOsv•added 2018/12/20 10:1 p.m.•1 views

b2luigi (>=0.3.1 <=0.5.0), py-rate (>=0.1.2 <=0.2.0) potentially affected by CVE-2018-1000843 via luigi (>=1.3.0 <=2.7.8)

luigi PYPI version =1.3.0, =0.3.1, =0.1.2, =0.2.0 Source cves: CVE-2018-1000843 Source advisory: OSV:GHSA-P69G-F978-XXV9...

8.8CVSS7.2AI score0.00136EPSS

Exploits1

PyPA•added 2018/12/20 3:29 p.m.•5 views

PYSEC-2018-11

Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after GitHub PR spotify/luigi/pull/1870 contains a Cross ite Request Forgery CSRF vulnerability in API endpoint: /api/ that can result in Task metadata such as task name, id, parameter, etc. will be leake...

8.8CVSS6.8AI score0.00136EPSS

Exploits1References4Affected Software1

vulnersOsv•added 2018/12/20 3:29 p.m.•0 views

b2luigi (>=0.3.1 <=0.5.0), py-rate (>=0.1.2 <=0.2.0) potentially affected by CVE-2018-1000843 via luigi (>=1.3.0 <=2.7.8)

luigi PYPI version =1.3.0, =0.3.1, =0.1.2, =0.2.0 Source cves: CVE-2018-1000843 Source advisory: OSV:PYSEC-2018-11...

8.8CVSS7.2AI score0.00136EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by