Lucene search
+L

29 matches found

cgr
cgr
added 2026/07/03 8:22 p.m.15 views

GHSA-3RJW-M598-PQ24 vulnerabilities

Vulnerabilities for packages: komodo, apollo-router, deno, mountpoint-s3, yazi, pixi...

6.1AI score
Exploits0
cgr
cgr
added 2026/07/03 8:22 p.m.11 views

CVE-2026-50185 vulnerabilities

Vulnerabilities for packages: komodo, apollo-router, deno, mountpoint-s3, yazi, pixi...

6.1AI score
Exploits0
vulnersosv
vulnersosv
added 2026/06/01 2:15 p.m.6 views

mahoraga (>=0.5.1 <=0.6.0), pixi-browse (>=0.0.1 <=0.0.13) +2 more potentially affected by CVE-2026-47425 via py-rattler (>=0.22.0 <=0.23.2)

py-rattler PYPI version =0.22.0, =0.5.1, =0.0.1, =0.1.0, =0.8.0 Source cves: CVE-2026-47425 Source advisory: OSV:GHSA-Q53Q-5R4J-5729...

5.7AI score0.00058EPSS
Exploits0
osv
osv
added 2026/06/01 2:15 p.m.11 views

GHSA-Q53Q-5R4J-5729 rattler has an entry-point path traversal in noarch:python install (arbitrary file write)

Summary EntryPoint::FromStr in rattlercondatypes performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

8.7CVSS5.9AI score0.00058EPSS
Exploits0References3
github
github
added 2026/06/01 2:15 p.m.21 views

rattler has an entry-point path traversal in noarch:python install (arbitrary file write)

Summary EntryPoint::FromStr in rattlercondatypes performs only .trim on the command field before the linker joins it onto the install prefix and writes an executable Python script. A malicious noarch:python package can ship an info/link.json with an entry-point name containing .., /, , or an...

5.9AI score0.00058EPSS
Exploits0References3Affected Software2
wolfi
wolfi
added 2026/01/07 1:51 a.m.6 views

CVE-2025-4574 vulnerabilities

Vulnerabilities for packages: nushell, oranda, cargo-c, wasmcloud, pixi, rust-analyzer, deno, cargo-audit, wadm, samply, yara-x, starship, yazi, oxipng, fd, zed, ruff, lychee...

6.5CVSS6.6AI score0.00484EPSS
Exploits0
cgr
cgr
added 2026/01/07 1:29 a.m.12 views

CVE-2025-4574 vulnerabilities

Vulnerabilities for packages: wasmcloud, lychee, deno, rust-analyzer, cargo-c, yazi, pixi, cargo-audit, ztunnel, starship, samply, ztunnel-fips, wadm, zed, nushell, oranda, fd, ruff, yara-x, oxipng...

6.5CVSS6.6AI score0.00484EPSS
Exploits0
wolfi
wolfi
added 2025/10/22 1:48 p.m.4 views

GHSA-J5GW-2VRG-8FGX vulnerabilities

Vulnerabilities for packages: pixi...

7AI score
Exploits0
wolfi
wolfi
added 2025/10/22 1:48 p.m.9 views

CVE-2025-62518 vulnerabilities

Vulnerabilities for packages: pixi...

8.1CVSS7AI score0.00688EPSS
Exploits1
cgr
cgr
added 2025/10/22 1:25 p.m.4 views

GHSA-J5GW-2VRG-8FGX vulnerabilities

Vulnerabilities for packages: pixi...

7AI score
Exploits0
cgr
cgr
added 2025/10/22 1:25 p.m.8 views

CVE-2025-62518 vulnerabilities

Vulnerabilities for packages: pixi...

8.1CVSS7AI score0.00688EPSS
Exploits1
wolfi
wolfi
added 2025/08/12 1:47 p.m.6 views

CVE-2025-55159 vulnerabilities

Vulnerabilities for packages: linkerd-extension-init, shadowsocks-rust, zola, pixi, linkerd2, linkerd2-proxy, uv, buck2, efs-utils, mdbook...

5.1CVSS6.1AI score0.00167EPSS
Exploits0
wolfi
wolfi
added 2025/08/12 1:47 p.m.5 views

GHSA-QX2V-8332-M4FV vulnerabilities

Vulnerabilities for packages: linkerd-extension-init, shadowsocks-rust, zola, pixi, linkerd2, linkerd2-proxy, uv, buck2, efs-utils, mdbook...

6.1AI score
Exploits0
cgr
cgr
added 2025/08/12 1:17 p.m.7 views

CVE-2025-55159 vulnerabilities

Vulnerabilities for packages: buck2, linkerd-extension-init, zola, shadowsocks-rust, efs-utils, uv, mdbook, jujutsu, linkerd2-proxy, linkerd2, pixi...

5.1CVSS6.1AI score0.00167EPSS
Exploits0
cgr
cgr
added 2025/08/12 1:17 p.m.5 views

GHSA-QX2V-8332-M4FV vulnerabilities

Vulnerabilities for packages: buck2, linkerd-extension-init, zola, shadowsocks-rust, efs-utils, uv, mdbook, jujutsu, linkerd2-proxy, linkerd2, pixi...

6.1AI score
Exploits0
cgr
cgr
added 2025/03/07 4:23 p.m.10 views

GHSA-4P46-PWFR-66X6 vulnerabilities

Vulnerabilities for packages: wasm-pack, wasmcloud, sqlx, linkerd2-proxy, xh, lychee, deno, fnm, atuin, wasmtime, pixi, buck2, shadowsocks-rust, uv, cargo-audit, ztunnel, rye, parseable, kdash, wash, samply, rustls-ffi, ztunnel-fips, rustup, ntpd-rs, linkerd-extension-init, wadm, zed, sccache,...

6.1AI score
Exploits0
cgr
cgr
added 2024/11/25 4:57 p.m.5 views

GHSA-QG5G-GV98-5FFH vulnerabilities

Vulnerabilities for packages: wadm, uv, cargo-audit, ztunnel, wasm-pack, wasmcloud, xh, tealdeer, zed, parseable, qdrant, fnm, wash, ntpd-rs, pixi...

6.1AI score
Exploits0
wolfi
wolfi
added 2024/09/16 5:19 p.m.5 views

GHSA-2326-PFPJ-VX3H vulnerabilities

Vulnerabilities for packages: nushell, parseable, pixi, deno, wash...

6.1AI score
Exploits0
cgr
cgr
added 2024/09/03 8:49 p.m.52 views

GHSA-VR26-JCQ5-FJJ8 vulnerabilities

Vulnerabilities for packages: uv, wasmcloud, qdrant, wash, pixi...

6.1AI score
Exploits0
cgr
cgr
added 2024/07/22 5:34 p.m.14 views

GHSA-Q445-7M23-QRMW vulnerabilities

Vulnerabilities for packages: berg, zed, sdp-k8s-injector, lychee, sccache, rustup, pixi...

6.1AI score
Exploits0
Rows per page
Query Builder