PYSEC-2024-204

TorchGeo Remote Code Execution Vulnerability...

PYSEC-2024-305

wasm3 139076a contains memory leaks in Readutf8...

PYSEC-2024-303

wasm3 139076a is vulnerable to Denial of Service DoS...

apsbot (>=0.2.0 <=0.3.1), askagent (>=0.1.0 <=0.1.1) +36 more potentially affected by CVE-2024-38459 via langchain-experimental (>=0.0.10 <=0.0.60)

langchain-experimental PYPI version =0.0.10, =0.2.0, =0.1.0, =0.0.3, =0.1.1, =0.0.1a1, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.21, =0.1.27 - lang-wrapper-for-rag =0.0.1 and more Source cves: CVE-2024-38459 Source advisory: OSV:PYSEC-2024-53...

PYSEC-2024-281

lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp...

PYSEC-2024-41

diffoscope before 256 allows directory traversal via an embedded filename in a GPG file. Contents of any file, such as ../.ssh/idrsa, may be disclosed to an attacker. This occurs because the value of the gpg --use-embedded-filenames option is trusted...

agixt (>=1.2.3 <=1.3.155), aicrowd-cli (>=0.1.8 <=0.1.15) +594 more potentially affected by CVE-2024-22190 via gitpython (>=0.3.4 <=3.1.40)

gitpython PYPI version =0.3.4, =1.2.3, =0.1.8, =0.5.0, =1.0.0, =1.0.1, =0.0.1, =2.0.1, =0.10.0, =0.0.1a0, =0.0.1b0, =0.0.3, =6.1.3, =0.0.3, =0.0.5rc2 - apache-liminal-test-spark =0.0.0 and more Source cves: CVE-2024-22190 Source advisory: OSV:PYSEC-2024-4...

paddle-ner (=0.1.0), paddle-quantum (>=1.1.1 <=2.2.1) +3 more potentially affected by CVE-2023-52310 via paddlepaddle (=1.8.5)

paddlepaddle PYPI version =1.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on paddlepaddle and may be impacted: - paddle-ner =0.1.0 - paddle-quantum =1.1.1, =1.8.5.0, =1.8.5.1 - paddle-tokenizer =0.1.0 - pyunit-ner =2021.8.2 Source cves:...