Lucene search
K
PypaMost viewed

5616 matches found

PyPA
PyPA
•added 2021/03/08 9:15 p.m.•6 views

PYSEC-2021-44

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an information disclosure vulnerability - everyone can list the names of roles defined in the ZODB Role Manager plugin if the site uses this...

6.5CVSS6.5AI score0.01505EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2021/03/03 4:15 p.m.•6 views

PYSEC-2021-20

markdown2 =1.0.1.18, fixed in 2.4.0, is affected by a regular expression denial of service vulnerability. If an attacker provides a malicious string, it can make markdown2 processing difficult or delayed for an extended period of time...

7.5CVSS6.9AI score0.02384EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2021/03/03 9:15 a.m.•6 views

PYSEC-2021-40

Pillow before 8.1.1 allows attackers to cause a denial of service memory consumption because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large...

7.5CVSS6.7AI score0.0317EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2021/02/27 5:15 a.m.•6 views

PYSEC-2021-75

In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated...

7.4CVSS6.9AI score0.02954EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2021/02/27 5:15 a.m.•6 views

PYSEC-2021-53

An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level...

4.4CVSS7AI score0.00539EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2021/02/27 5:15 a.m.•6 views

PYSEC-2021-54

In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. They might be used to run command against the salt master or minions...

9.1CVSS7.1AI score0.05196EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2021/02/26 6:15 p.m.•6 views

PYSEC-2021-132

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead t...

6.5CVSS6.6AI score0.02164EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2021/02/09 9:15 p.m.•6 views

PYSEC-2021-142

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

10CVSS8.2AI score0.05984EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2021/02/08 8:15 p.m.•6 views

PYSEC-2021-16

httplib2 is a comprehensive HTTP client library for Python. In httplib2 before version 0.19.0, a malicious server which responds with long series of "\xa0" characters in the "www-authenticate" header may cause Denial of Service CPU burn while parsing header of the httplib2 client accessing said...

7.5CVSS6.9AI score0.03876EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2021/02/02 5:58 p.m.•6 views

PYSEC-2021-865

In Mozilla Bleach before 3.3.0, a mutation XSS affects users calling bleach.clean with math or svg; p or br; and style, title, noscript, script, textarea, noframes, iframe, or xmp tags with stripcomments=False...

6.1CVSS6.3AI score0.00483EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2021/01/21 3:15 p.m.•6 views

PYSEC-2021-48

PySAML2 is a pure python implementation of SAML Version 2 Standard. PySAML2 before 6.5.0 has an improper verification of cryptographic signature vulnerability. All users of pysaml2 that need to validate signed SAML documents are impacted. The vulnerability is a variant of XML Signature wrapping...

6.5CVSS6.8AI score0.01078EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2021/01/13 4:15 a.m.•6 views

PYSEC-2021-67

JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lacks an xsrf field, as demonstrated by a /hub/api/user request to add or remove a user account...

4.5CVSS9.1AI score0.00499EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2021/01/12 8:15 p.m.•6 views

PYSEC-2021-422

Bot Framework SDK Information Disclosure Vulnerability...

5.5CVSS6.6AI score0.01057EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2021/01/12 9:15 a.m.•6 views

PYSEC-2021-70

In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode...

8.8CVSS7.4AI score0.01789EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2021/01/11 4:15 p.m.•6 views

PYSEC-2021-62

python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS1 v1.5 ciphertext...

5.9CVSS7.7AI score0.02454EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2021/01/11 10:15 a.m.•6 views

PYSEC-2021-876

Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface...

6.5CVSS7AI score0.01728EPSS
Exploits0References1Affected Software1
PyPA
PyPA
•added 2021/01/06 5:15 p.m.•6 views

PYSEC-2021-5

CairoSVG is a Python pypi package. CairoSVG is an SVG converter based on Cairo. In CairoSVG before version 2.5.1, there is a regular expression denial of service REDoS vulnerability. When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regula...

5.7CVSS6.7AI score0.01466EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/12/30 7:15 p.m.•6 views

PYSEC-2020-247

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/12/30 7:15 p.m.•6 views

PYSEC-2020-248

Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...

8.8CVSS6.8AI score0.01066EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/12/21 6:15 p.m.•6 views

PYSEC-2020-50

The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...

6.1CVSS6.7AI score0.01351EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/12/14 10:15 a.m.•6 views

PYSEC-2020-262

In Airflow versions prior to 1.10.13, when creating a user using airflow CLI, the password gets logged in plain text in the Log table in Airflow Metadatase. Same happened when creating a Connection with a password field...

6.5CVSS6.9AI score0.02537EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/12/10 11:15 p.m.•6 views

PYSEC-2020-140

In affected versions of TensorFlow the tf.rawops.DataFormatVecPermute API does not validate the srcformat and dstformat attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. Th...

7.8CVSS7.1AI score0.00241EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/11/24 3:15 a.m.•6 views

PYSEC-2020-237

Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into th...

7.5CVSS7.1AI score0.02967EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/11/12 2:15 p.m.•6 views

PYSEC-2020-100

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA...

7.5CVSS6.9AI score0.01631EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/11/11 4:15 p.m.•6 views

PYSEC-2020-241

MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrad...

8.7CVSS7AI score0.01725EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/11/06 8:15 a.m.•6 views

PYSEC-2020-104

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection...

9.8CVSS7AI score0.99585EPSS
Exploits5References14Affected Software1
PyPA
PyPA
•added 2020/10/26 6:15 p.m.•6 views

PYSEC-2020-61

In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...

9.3CVSS6.9AI score0.0198EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/10/21 9:15 p.m.•6 views

PYSEC-2020-331

In Tensorflow before version 2.4.0, when the boxes argument of tf.image.cropandresize has a very large value, the CPU kernel implementation receives it as a C++ nan floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault. The issue is...

7.5CVSS6.8AI score0.00916EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/10/05 2:15 p.m.•6 views

PYSEC-2020-220

A flaw was found in Ansible Base when using the awsssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket exposing the data. This issue affects directly data confidentiality...

5.5CVSS6.6AI score0.00319EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-310

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS7.2AI score0.00938EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-315

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-280

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-120

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.9AI score0.0072EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-275

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS7.2AI score0.00938EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-124

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS7.4AI score0.00563EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-313

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00537EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-327

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS6.9AI score0.0061EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-117

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS6.8AI score0.01017EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-114

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...

5.3CVSS7.1AI score0.00749EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-283

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the fill argument of tf.strings.asstring, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a printf call is constructed. This may result in segmentati...

7.5CVSS6.9AI score0.00952EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-281

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS7.4AI score0.00563EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-288

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

9.8CVSS6.9AI score0.00893EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-314

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

5.9CVSS7AI score0.00805EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-320

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...

9.8CVSS7.3AI score0.01015EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-294

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS6.9AI score0.00556EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-273

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...

7.1CVSS7.1AI score0.00681EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-289

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-126

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the fill argument of tf.strings.asstring, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a printf call is constructed. This may result in segmentati...

7.5CVSS6.9AI score0.00952EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-270

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the tf.rawops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. Howeve...

5.3CVSS6.8AI score0.00943EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-324

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
Total number of security vulnerabilities5000