Lucene search
K
PypaMost viewed

5613 matches found

PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-274

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverseindexmapt and gradvaluest are accessed in a similar pattern, only reverseindexmapt is validated to be of proper...

5.3CVSS6.8AI score0.01017EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-123

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-315

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-310

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS7.2AI score0.00938EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-130

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses ResolveAxis to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the...

9CVSS7.6AI score0.01227EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-279

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the splits tensor has the minimum required number of elements. Code uses this quantity to initialize a different data...

5.9CVSS7AI score0.00805EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-278

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00537EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-292

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS6.9AI score0.0061EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-287

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses ResolveAxis to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the...

9CVSS7.6AI score0.01227EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-115

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-286

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

9CVSS7AI score0.00944EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-272

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-273

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...

7.1CVSS7.1AI score0.00681EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-116

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...

7.1CVSS7.1AI score0.00681EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-135

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to segmentidsdata can alter outputindex and then write to outside of outputdata...

8.6CVSS6.9AI score0.0061EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/23 1:15 p.m.•5 views

PYSEC-2020-209

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default behavior. This flaw...

7.1CVSS7.2AI score0.00233EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/09/11 6:15 p.m.•5 views

PYSEC-2020-4

A flaw was found in the Ansible Engine when using moduleargs. Tasks executed with check mode --check-mode do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality...

5.5CVSS6.3AI score0.00407EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/09/04 8:15 p.m.•5 views

PYSEC-2020-173

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorizedkeys file. This occurs in downloadhttpurl in internal/download.py...

7.5CVSS9AI score0.03028EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2020/07/17 9:15 p.m.•5 views

PYSEC-2020-51

In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. This has been fixed in 0.12...

8.1CVSS9.1AI score0.00889EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/07/17 12:15 a.m.•5 views

PYSEC-2020-15

An issue was found in Apache Airflow versions 1.10.10 and below. When using CeleryExecutor, if an attacker can connect to the broker Redis, RabbitMQ directly, it is possible to inject commands, resulting in the celery worker running arbitrary commands...

9.8CVSS7AI score0.36787EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/06/26 8:15 p.m.•5 views

PYSEC-2020-216

The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution...

6.8CVSS7.6AI score0.01116EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/06/17 5:15 p.m.•5 views

PYSEC-2020-244

OMERO.web before 5.6.3 optionally allows sensitive data elements e.g., a session key to be passed as URL query parameters. If an attacker tricks a user into clicking a malicious link in OMERO.web, the information in the query parameters may be exposed in the Referer header seen by the target...

5.7CVSS6.5AI score0.00803EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/06/03 2:15 p.m.•5 views

PYSEC-2020-31

An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage...

5.9CVSS7AI score0.0609EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2020/06/02 9:15 p.m.•5 views

PYSEC-2020-42

An issue was discovered in fastecdsa before 2.1.2. When using the NIST P-256 curve in the ECDSA implementation, the point at infinity is mishandled. This means that for an extreme value in k and s^-1, the signature verification fails even if the signature is correct. This behavior is not solely a...

7.5CVSS7AI score0.01268EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/05/20 4:15 p.m.•5 views

PYSEC-2020-46

In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as...

6.8CVSS6.9AI score0.02593EPSS
Exploits0References11Affected Software1
PyPA
PyPA
•added 2020/05/15 2:15 p.m.•5 views

PYSEC-2020-208

An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running becomeuser from become directive. The provided fix is insufficient to prevent the race condition on systems using ACLs and FUSE filesystems. Ansible Engine 2.7.18, 2.8.12, and 2.9....

5CVSS6.8AI score0.004EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/05/07 9:15 p.m.•5 views

PYSEC-2020-97

In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow colors.statusbar.url.warn.fg. However, when the affected website was subsequently loaded again, the UR...

4.3CVSS6.8AI score0.01282EPSS
Exploits0References16Affected Software1
PyPA
PyPA
•added 2020/04/20 4:15 p.m.•5 views

PYSEC-2020-65

python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute...

6.1CVSS6.3AI score0.01868EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2020/03/24 3:15 p.m.•5 views

PYSEC-2020-96

A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

10CVSS8.2AI score0.05299EPSS
Exploits1References10Affected Software1
PyPA
PyPA
•added 2020/03/19 5:15 p.m.•5 views

PYSEC-2020-268

In EasyBuild before version 4.1.2, the GitHub Personal Access Token PAT used by EasyBuild for the GitHub integration features like --new-pr, --fro,-pr, etc. is shown in plain text in EasyBuild debug log files. This issue is fixed in EasyBuild v4.1.2, and in the master+ develop branches of the...

7.7CVSS6.8AI score0.00538EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/03/13 10:15 p.m.•5 views

PYSEC-2020-219

In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially...

8.5CVSS6.8AI score0.00805EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/03/12 5:15 p.m.•5 views

PYSEC-2020-63

OpenStack Manila =8.0.0 =9.0.0 9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks...

8.3CVSS6.9AI score0.01153EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/03/05 3:15 p.m.•5 views

PYSEC-2020-345

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escapi...

8.8CVSS6.9AI score0.22513EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2020/03/05 3:15 p.m.•5 views

PYSEC-2020-36

Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escapi...

8.8CVSS8AI score0.22513EPSS
Exploits0References9Affected Software1
PyPA
PyPA
•added 2020/02/20 3:15 p.m.•5 views

PYSEC-2020-199

The safeeval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions...

9.8CVSS8AI score0.04391EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/02/20 3:15 a.m.•5 views

PYSEC-2020-202

Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb...

5.5CVSS6.3AI score0.0038EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2020/02/20 3:15 a.m.•5 views

PYSEC-2020-203

The safeeval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657...

9.8CVSS8AI score0.05197EPSS
Exploits0References8Affected Software1
PyPA
PyPA
•added 2020/02/18 3:15 p.m.•5 views

PYSEC-2020-204

Ansible before 1.6.7 does not prevent inventory data with "" and "lookup" substrings, and does not prevent remote data with "" substrings, which allows remote attackers to execute arbitrary code via 1 crafted lookup'pipe' calls or 2 crafted Jinja2 data...

9.8CVSS8.1AI score0.03521EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/01/30 9:15 p.m.•5 views

PYSEC-2020-212

Multiple cross-site scripting XSS vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the 1 @okmessage or 2 @errormessage parameter to issue...

6.1CVSS6AI score0.01546EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2020/01/28 10:15 p.m.•5 views

PYSEC-2020-258

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

7.5CVSS6.8AI score0.00581EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/01/28 10:15 p.m.•5 views

PYSEC-2020-338

In TensorFlow before 1.15.2 and 2.0.1, converting a string from Python to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker c...

7.5CVSS6.8AI score0.00581EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/01/24 6:15 p.m.•5 views

PYSEC-2020-213

Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests...

6.5CVSS7AI score0.02489EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2020/01/15 9:15 p.m.•5 views

PYSEC-2020-235

python-markdown2 before 1.0.1.14 has multiple cross-site scripting XSS issues...

6.1CVSS6.2AI score0.00766EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/01/09 1:15 p.m.•5 views

PYSEC-2020-198

Ansible prior to 1.5.4 mishandles the evaluation of some strings...

7.5CVSS6.9AI score0.0118EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/01/05 10:15 p.m.•5 views

PYSEC-2020-172

There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. On Windows running 32-bit Python, this results in an OverflowError or MemoryError due to the 2 GB limit. However, on Linux...

7.5CVSS6.9AI score0.02118EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2020/01/03 1:15 a.m.•5 views

PYSEC-2020-84

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow...

7.1CVSS7.2AI score0.02752EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2019/12/20 11:15 p.m.•5 views

PYSEC-2019-137

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.5CVSS6.7AI score0.02545EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2019/12/16 10:15 p.m.•5 views

PYSEC-2019-172

In Apache Incubator Superset before 0.31 user could query database metadata information from a database he has no access to, by using a specially crafted complex query...

5.3CVSS6.7AI score0.02779EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2019/12/15 10:15 p.m.•5 views

PYSEC-2019-200

python-requests-Kerberos through 0.5 does not handle mutual authentication...

9.8CVSS7AI score0.03615EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2019/12/09 6:15 p.m.•5 views

PYSEC-2019-29

OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in the list credentials API. Any user with a role on a project is able to list any credentials with the /v3/credentials API when enforcescope is false. Users with a role on a project are able to view any other users' credentials,...

8.8CVSS6.5AI score0.0178EPSS
Exploits1References9Affected Software1
Total number of security vulnerabilities5000