Lucene search
K
PypaMost viewed

5624 matches found

PyPA
PyPA
•added 2020/12/30 7:15 p.m.•6 views

PYSEC-2020-247

Plone before 5.2.3 allows SSRF attacks via the tracebacks feature only available to the Manager role...

8.8CVSS7AI score0.01066EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/12/30 7:15 p.m.•6 views

PYSEC-2020-248

Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata therefore, only available to the Manager role...

8.8CVSS6.8AI score0.01066EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/12/21 6:15 p.m.•6 views

PYSEC-2020-50

The Jupyter Server provides the backend i.e. the core services, APIs, and REST endpoints for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version 1.1.1, an open redirect vulnerability could cause the jupyter server to redirect the browser to a...

6.1CVSS6.7AI score0.01351EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/12/14 10:15 a.m.•6 views

PYSEC-2020-262

In Airflow versions prior to 1.10.13, when creating a user using airflow CLI, the password gets logged in plain text in the Log table in Airflow Metadatase. Same happened when creating a Connection with a password field...

6.5CVSS6.9AI score0.02537EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/12/10 11:15 p.m.•6 views

PYSEC-2020-140

In affected versions of TensorFlow the tf.rawops.DataFormatVecPermute API does not validate the srcformat and dstformat attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes. Th...

7.8CVSS7.1AI score0.00241EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/12/10 11:15 p.m.•6 views

PYSEC-2020-297

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen...

5.3CVSS7.5AI score0.00243EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/11/24 3:15 a.m.•6 views

PYSEC-2020-237

Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into th...

7.5CVSS7.1AI score0.02967EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/11/12 2:15 p.m.•6 views

PYSEC-2020-100

It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA...

7.5CVSS6.9AI score0.01631EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/11/11 4:15 p.m.•6 views

PYSEC-2020-241

MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrad...

8.7CVSS7AI score0.01725EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/11/06 8:15 a.m.•6 views

PYSEC-2020-104

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection...

9.8CVSS7AI score0.99585EPSS
Exploits5References14Affected Software1
PyPA
PyPA
•added 2020/10/26 6:15 p.m.•6 views

PYSEC-2020-61

In lookatme python/pypi package versions prior to 2.3.0, the package automatically loaded the built-in "terminal" and "fileloader" extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. ...

9.3CVSS6.9AI score0.0198EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-116

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...

7.1CVSS7.1AI score0.00681EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-318

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the fill argument of tf.strings.asstring, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a printf call is constructed. This may result in segmentati...

7.5CVSS6.9AI score0.00952EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-315

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-280

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-124

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS7.4AI score0.00563EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-313

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00537EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-327

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS6.9AI score0.0061EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-114

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to dlpack.todlpack the expected validations will cause variables to bind to nullptr while setting a status variable to the error condition. However, this status argument is not properly checked. Hence, code...

5.3CVSS7.1AI score0.00749EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-283

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the fill argument of tf.strings.asstring, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a printf call is constructed. This may result in segmentati...

7.5CVSS6.9AI score0.00952EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-281

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS7.4AI score0.00563EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-288

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

9.8CVSS6.9AI score0.00893EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-321

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

9CVSS7AI score0.00944EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-135

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS6.9AI score0.0061EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-314

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

5.9CVSS7AI score0.00805EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-320

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the datasplits argument of tf.rawops.StringNGrams lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after ...

9.8CVSS7.3AI score0.01015EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-294

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS6.9AI score0.00556EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-273

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...

7.1CVSS7.1AI score0.00681EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-289

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-126

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the fill argument of tf.strings.asstring, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a printf call is constructed. This may result in segmentati...

7.5CVSS6.9AI score0.00952EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-270

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the tf.rawops.Switch operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. Howeve...

5.3CVSS6.8AI score0.00943EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-324

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-132

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-317

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...

9CVSS6.9AI score0.01235EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-312

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.9AI score0.0072EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-316

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS7.4AI score0.00563EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-274

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS6.8AI score0.01017EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-292

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS6.9AI score0.0061EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-291

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indice...

5.8CVSS7AI score0.00905EPSS
Exploits1References9Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-115

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/23 1:15 p.m.•6 views

PYSEC-2020-209

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default behavior. This flaw...

7.1CVSS7.2AI score0.00233EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/09/17 2:15 p.m.•6 views

PYSEC-2020-19

In Apache Airflow 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit...

6.1CVSS6.4AI score0.25076EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2020/09/15 10:15 a.m.•6 views

PYSEC-2020-29

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

6.5CVSS7.3AI score0.03217EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2020/09/04 8:15 p.m.•6 views

PYSEC-2020-173

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorizedkeys file. This occurs in downloadhttpurl in internal/download.py...

7.5CVSS9AI score0.03028EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2020/09/01 1:15 p.m.•6 views

PYSEC-2020-33

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILEUPLOADDIRECTORYPERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...

7.5CVSS6.9AI score0.03969EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2020/08/31 4:15 a.m.•6 views

PYSEC-2020-43

An issue was discovered in Flask-CORS aka CORS Middleware for Flask before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format...

7.5CVSS6.9AI score0.04017EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2020/08/14 5:15 p.m.•6 views

PYSEC-2020-70

In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files to be placed in arbitrary locations on disk...

4.1CVSS6.8AI score0.00944EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/08/12 4:15 p.m.•6 views

PYSEC-2020-24

asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code on a database client via a crafted server response, because of access to an uninitialized pointer in the array data decoder...

9.8CVSS7.7AI score0.02417EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/08/11 9:15 p.m.•6 views

PYSEC-2020-38

django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database...

7.5CVSS6.7AI score0.00863EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/07/17 9:15 p.m.•6 views

PYSEC-2020-51

In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. This has been fixed in 0.12...

8.1CVSS9.1AI score0.00889EPSS
Exploits1References2Affected Software1
Total number of security vulnerabilities5000