26517 matches found
buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +18 more potentially affected by CVE-2023-27586 via cairosvg (>=0.5.0 <=2.6.0)
cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =1.0.0b1, =0.0.2, =0.1.0, =0.1.0, =2.11.0, =4.3.0, =0.0.1, =9.0.5, =1.0.0, =0.1.0, =0.2.7 and more Source cves: CVE-2023-27586 Source advisory: OSV:GHSA-RWMF-W63J-P7GV...
BuildEAR (=3.1.0), IMAPServer (=0.2.0) +2463 more potentially affected by unknown CVE via remove_dir_all (>=0.3.0 <=0.7.0)
removedirall CARGO version =0.3.0, =0.22.2, =0.1.2, =0.1.1, =0.1.0, =0.2.0, =2.1.0, =2.3.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-MC8H-8Q98-G5HR...
@540deg/react-native-simple-markdown (>=1.1.1 <=1.1.2), @anzeblabla/react-native-markdown-editor (>=1.0.3 <=2.1.1) +29 more potentially affected by CVE-2019-25103 via simple-markdown (>=0.0.9 <=0.4.4)
simple-markdown NPM version =0.0.9, =1.1.1, =1.0.3, =1.3.0, =1.0.1, =1.1.1, =1.1.74, =1.0.8, =1.0.4, =2.3.0, =3.0.0, =1.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2019-25103 Source advisory: OSV:GHSA-GPVJ-GP8C-C7P2...
roaring-landmask (=0.4.0) potentially affected by CVE-2023-0215 via openssl-src (=300.0.0+3.0.0)
openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2023-0215 Source advisory: OSV:RUSTSEC-2023-0009...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +103 more potentially affected by CVE-2022-41899 via tensorflow-cpu (>=1.15.0 <=2.7.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-41899 Source advisory: OSV:GHSA-27RC-728F-X5W2...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +103 more potentially affected by CVE-2022-41889 via tensorflow-cpu (>=1.15.0 <=2.7.4)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2022-41889 Source advisory: OSV:GHSA-XXCJ-RHQG-M46G...
causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-35964 via tensorflow-gpu (=2.8.0)
tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-35964 Source advisory: OSV:GHSA-F7R5-Q7CX-H...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4899 more potentially affected by CVE-2022-36011 via tensorflow (>=1.0.1 <=2.7.1)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.5.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-36011 Source advisory: OSV:GHSA-FV43-93GV-VM8F...
demo-joplin (>=1.0.1 <=1.0.8) potentially affected by CVE-2022-35131 via joplin (=0.10.93)
joplin NPM version =0.10.93 is affected by a known vulnerability. The following packages have a transitive dependency on joplin and may be impacted: - demo-joplin =1.0.1, =1.0.8 Source cves: CVE-2022-35131 Source advisory: OSV:GHSA-WW2V-FRV5-PJ5X...
com.azure.spring:azure-spring-boot-starter-storage (>=3.1.0 <=3.14.0), com.azure.spring:azure-spring-cloud-starter-eventhubs (>=2.2.0 <=2.14.0) +144 more potentially affected by CVE-2022-30187 via com.azure:azure-storage-blob (>=12.0.0-preview.1 <=12.18.0-beta.1)
com.azure:azure-storage-blob MAVEN version =12.0.0-preview.1, =3.1.0, =2.2.0, =2.2.0, =2.2.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =1.0.0-preview.1, =12.0.0, =12.0.0-beta.5, =12.0.0-beta.18 and more Source cves: CVE-2022-30187 S...
@bobliao/candle-view (>=0.1.4 <=0.3.8) potentially affected by unknown CVE via plugin-bugfix-v8-spread-parameters-in-optional-chaining (=0.0.1-security)
plugin-bugfix-v8-spread-parameters-in-optional-chaining NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on plugin-bugfix-v8-spread-parameters-in-optional-chaining and may be impacted: - @bobliao/candle-view =0.1.4, =0.3.8 Sourc...
cn.easyutil:veteran-core (=1.0.1), cn.easyutil:veteran-web (=1.0.1) +14 more potentially affected by CVE-2021-40660 via org.javadelight:delight-nashorn-sandbox (>=0.1.16 <=0.2.5)
org.javadelight:delight-nashorn-sandbox MAVEN version =0.1.16, =1.2.22, =1.1-pre-alpha-19, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =1.1-pre-alpha-21, =3.2.0, =3.2.0, =1.0.6, =0.1.0, =0.1.2 and more Source cves: CVE-2021-406...
@sobotics/caching (=1.1.1) potentially affected by CVE-2020-11610 via xdlocalstorage (=2.0.5)
xdlocalstorage NPM version =2.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on xdlocalstorage and may be impacted: - @sobotics/caching =1.1.1 Source cves: CVE-2020-11610 Source advisory: OSV:GHSA-MR5M-2385-2VCP...
org.apache.atlas:atlas-authorization (=0.7-incubating), org.apache.atlas:atlas-client (=0.7-incubating) +9 more potentially affected by CVE-2017-3154 via org.apache.atlas:atlas-common (=0.7-incubating)
org.apache.atlas:atlas-common MAVEN version =0.7-incubating is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.atlas:atlas-common and may be impacted: - org.apache.atlas:atlas-authorization =0.7-incubating - org.apache.atlas:atlas-client...
com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.0), org.jenkins-ci.lib:xtrigger-lib (=0.36) +13 more potentially affected by CVE-2016-0792 via org.jenkins-ci.main:jenkins-core (>=1.643 <=1.649)
org.jenkins-ci.main:jenkins-core MAVEN version =1.643, =4.0.9, =1.643, =1.643, =1.645, =0.5, =1.648, =4.0.4, =1.0.0, =1.643, =1.0.45, =0.3.2, =0.3.8 - org.jenkins.plugins.statistics.gatherer:statistics-gatherer =1.0.1 Source cves: CVE-2016-0792 Source advisory: OSV:GHSA-45RG-G72W-R393...
com.amashchenko.struts2.actionflow:struts2-actionflow-plugin (=2.4.0), com.amashchenko.struts2.actionflow:struts2-actionflow-showcase (=2.4.0) +68 more potentially affected by CVE-2016-3087 via org.apache.struts:struts2-core (>=2.3.1.1 <=2.3.20.1)
org.apache.struts:struts2-core MAVEN version =2.3.1.1, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.1.0, =1.1.0, =2.0.1 - com.jgeppert.struts2.jquery:struts2-jquery-chart-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-grid-plugin =3.3.0 - com.jgeppert.struts2.jquery:struts2-jquery-mobile-plugin...
abtests (>=0.0.1 <=0.0.2.1), adjsim (>=2.0.0 <=2.1.0) +108 more potentially affected by CVE-2017-12852 via numpy (>=1.10.0 <=1.13.1)
numpy PYPI version =1.10.0, =0.0.1, =2.0.0, =0.1.0, =0.1.0, =0.1.0, =0.7.0, =1.0.2 - cami-opal =0.2.5 and more Source cves: CVE-2017-12852 Source advisory: OSV:GHSA-FRGW-FGH6-9G52...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-5317 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-5317 Source advisory: OSV:GHSA-8PQX-3RXX-F5PM...
org.apache.sling:org.apache.sling.caconfig.impl (>=1.2.0 <=1.6.0), org.apache.sling:org.apache.sling.scripting.sightly (>=1.0.0 <=1.0.32) +1 more potentially affected by CVE-2016-5394 via org.apache.sling:org.apache.sling.xss (=1.0.0)
org.apache.sling:org.apache.sling.xss MAVEN version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.sling:org.apache.sling.xss and may be impacted: - org.apache.sling:org.apache.sling.caconfig.impl =1.2.0, =1.0.0, =1.0.0, =1.0.2 Sourc...
ca.stellardrift.guice-backport.extensions:guice-struts2 (=5.0.1), com.google.inject.extensions:guice-struts2 (>=3.0 <=5.0.1) +63 more potentially affected by CVE-2012-0391 via org.apache.struts.xwork:xwork-core (>=2.2.1 <=2.2.3)
org.apache.struts.xwork:xwork-core MAVEN version =2.2.1, =3.0, =2.4.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =2.4.0, =2.4.0, =3.0.0, =2.0.0, =0.9.2, =0.9.0, =0.9.1 - io.forestframework:guice-struts2 =5.0.1.1 and more Source cves: CVE-2012-0391 Source advisory: OSV:GHSA-4WRR-9H5R-M92W...
@2dine/framework-ui (>=1.0.4 <=2.1.91), @7h3laughingman/pf2e-helpers (>=7.10.0 <=8.1.0) +73 more potentially affected by CVE-2022-25854 via @yaireo/tagify (>=2.31.6 <=4.37.1)
@yaireo/tagify NPM version =2.31.6, =1.0.4, =7.10.0, =7.10.0, =1.0.18-beta.23, =1.0.0, =1.3.5-beta.744, =2.1.0, =0.0.1, =1.0.0, =1.0.9, =1.0.1, =1.2.42, =1.0.0, =0.8.0, =5.0.3 and more Source cves: CVE-2022-25854 Source advisory: OSV:GHSA-PXPF-V376-7XX5...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.21), ai.hyacinth.framework:core-service-gateway-server (>=0.5.0 <=0.5.21) +896 more potentially affected by CVE-2022-22965 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.2.1.RELEASE)
org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =0.5.0, =0.5.0, =0.5.0, =j8.2.3.0, =0.0.1, =2.1.2.RELEASE, =2.0.2, =0.5.0, =3.1.64, =3.1.37, =3.1.13, =3.1.64, =3.1.64, =3.1.64, =3.1.64, =3.1.165 and more Source cves: CVE-2022-22965 Source advisory: OSV:GHSA-36P3-WJMG-H94X...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-gateway-server (>=0.5.0 <=0.5.24) +1082 more potentially affected by CVE-2022-22965 via org.springframework.boot:spring-boot-starter-webflux (>=2.0.0.RELEASE <=2.5.11)
org.springframework.boot:spring-boot-starter-webflux MAVEN version =2.0.0.RELEASE, =0.5.0, =0.5.0, =0.5.0, =2.1.0, =2.1.2.RELEASE, =1.3, =0.5.0, =3.1.37, =3.1.13, =3.1.85, =3.1.13, =3.1.13, =3.1.295 - ch.mobi.mobitor:mobitor-doc =3.1.13 - city.smartb.f2:f2-spring-boot-starter-function-http =0.1.0...
africa.absa:inception-api (>=1.1.0 <=1.2.0), africa.absa:inception-codes-api (>=1.1.0 <=1.2.0) +3609 more potentially affected by CVE-2022-22965 via org.springframework:spring-webmvc (>=5.3.0 <=5.3.17)
org.springframework:spring-webmvc MAVEN version =5.3.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.2, =1.1.0, =1.13.0, =2.2.0 and more Source cves: CVE-2022-22965 Source advisory: OSV:GHSA-36P3-WJMG-H94X...
com.addplus9:addplus_action_dubbo (>=0.0.1 <=1.0.0), com.alibaba.csp:sentinel-apache-dubbo-adapter (>=1.5.1 <=1.7.0) +28 more potentially affected by CVE-2021-25640 via org.apache.dubbo:dubbo (>=2.7.0 <=2.7.1)
org.apache.dubbo:dubbo MAVEN version =2.7.0, =0.0.1, =1.5.1, =2.0.1, =0.1.3, =2.4.0, =2.4.0, =2.4.0, =1.0.0, =1.0, =1.2.4, =2.7.0, =1.3.1, =1.3.1, =1.4.4 and more Source cves: CVE-2021-25640 Source advisory: OSV:GHSA-GW4J-4229-Q4PX...
cc.akkaha:asura-core_2.12 (=0.3.0), cc.akkaha:asura-dubbo_2.12 (>=0.2.0 <=0.6.0) +285 more potentially affected by CVE-2021-25641 via com.alibaba:dubbo (>=2.5.10 <=2.6.8)
com.alibaba:dubbo MAVEN version =2.5.10, =0.2.0, =0.1.5, =0.1.5, =11.0.1-RELEASE, =11.0.1-RELEASE, =1.0, =1.4.0, =1.4.0, =1.4.0, =1.0.0, =1.0.1 and more Source cves: CVE-2021-25641 Source advisory: OSV:GHSA-V2RG-8CWR-75G8...
10-24-dars (=1.0.0), @alephdata/react-ftm (>=1.9.1 <=2.4.0-alpha.2) +205 more potentially affected by CVE-2021-23632 via git (=0.1.5)
git NPM version =0.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on git and may be impacted: - 10-24-dars =1.0.0 - @alephdata/react-ftm =1.9.1, =1.5.2, =0.4.120, =1.0.0-alpha.0, =1.1.7, =1.0.1, =0.13.1, =1.12.2, =1.0.0, =2.0.0 -...
@fluentui/bundle-size (>=1.1.3 <=1.1.6), @georgs/beachball (=2.22.0) +17 more potentially affected by CVE-2022-25865 via workspace-tools (>=0.10.3 <=0.16.2)
workspace-tools NPM version =0.10.3, =1.1.3, =0.0.2, =0.0.2, =1.3.0, =0.1.1, =1.2.0, =1.0.3, =0.1.2, =6.1.2, =1.48.2, =0.3.0, =1.0.0, =0.13.0, =1.0.1 and more Source cves: CVE-2022-25865 Source advisory: SNYK:JS-WORKSPACETOOLS-2421201...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-21731 via tensorflow-gpu (>=1.10.1 <=2.5.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-21731 Source advisory: OSV:GHSA-M4HF-J54P-P353...
aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +38 more potentially affected by CVE-2022-23564 via tensorflow (>=2.7.0 <=2.7.0rc1)
tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-23564 Source advisory: OSV:GHSA-8RCJ-C8PJ-V3M3...
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4847 more potentially affected by CVE-2022-23563 via tensorflow (>=1.0.1 <=2.5.2)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2022-23563 Source advisory: OSV:GHSA-WC4G-R73W-X8MM...
rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-21737 via tensorflow-gpu (=2.7.0)
tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-21737 Source advisory:...
lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-21730 via tensorflow-cpu (=2.7.0)
tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-21730 Source advisory: OSV:GHSA-VJG4-V33C-GGC4...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-23562 via tensorflow-gpu (>=1.10.1 <=2.5.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23562 Source advisory: OSV:PYSEC-2022-126...
app.dassana:rule-engine (>=1.6.8 <=1.10.1), be.looorent:keycloak-micronaut-adapter (>=1.4.0 <=2.0.0) +574 more potentially affected by CVE-2022-21700 via io.micronaut:micronaut-http (>=1.0.0 <=3.2.6)
io.micronaut:micronaut-http MAVEN version =1.0.0, =1.6.8, =1.4.0, =1.1.0, =0.8.0, =0.9.1, =1.4.0, =2.0.8-micronaut-1.0, =1.3.7.6, =1.3.7.6, =1.7.3-micronaut-1.0, =1.6.2-micronaut-1.0, =2.0.0-micronaut-1.0, =1.7.2-micronaut-1.0, =1.3.7.6, =2.2.2-micronaut-3.0 and more Source cves:...
au.id.tmm.fetch:fetch-aws-dynamodb_3 (>=0.7.0 <=0.9.2), au.id.tmm.fetch:fetch-aws-textract_3 (>=0.2.0 <=0.9.2) +331 more potentially affected by CVE-2022-21653 via org.typelevel:jawn-parser_3 (>=1.1.2 <=1.3.1)
org.typelevel:jawn-parser3 MAVEN version =1.1.2, =0.7.0, =0.2.0, =0.7.0, =0.2.0, =0.2.0, =0.29.0, =0.0.1, =0.0.1, =0.0-08b8c90, =0.0-08b8c90, =0.0-08b8c90, =0.1-f497734 and more Source cves: CVE-2022-21653 Source advisory: OSV:GHSA-VC89-HCCF-RQ55...
club.javafamily:javafamily-utils-all (>=2.3.2-beta.3 <=2.3.2-beta.4), club.javafamily:javafamily-utils-pdf-itext (>=2.3.2-beta.3 <=2.3.2-beta.4) +214 more potentially affected by CVE-2021-43113 via com.itextpdf:itext7-core (>=7.0.4 <=7.1.16)
com.itextpdf:itext7-core MAVEN version =7.0.4, =2.3.2-beta.3, =2.3.2-beta.3, =1.6.0, =0.0.30, =0.1, =1.0, =1.0, =1.0, =1.1 - com.houkunlin.easypoi:easypoi-base =5.0.2 - com.houkunlin.easypoi:easypoi-spring-boot-starter =5.0.2 - com.houkunlin.easypoi:easypoi-web =5.0.2 -...
ai.apiverse:apipulse (>='1.0.3' <=1.0.20), ai.eto:rikai_2.12 (>=0.0.2 <=0.0.12) +5069 more potentially affected by CVE-2021-44228 via org.apache.logging.log4j:log4j-core (>=2.13.0 <=2.14.1)
org.apache.logging.log4j:log4j-core MAVEN version =2.13.0, ='1.0.3', =0.0.2, =2.1.0, =3.32.1.7, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =0.2.3, =0.2.4 and more Source cves: CVE-2021-44228 Source advisory: OSV:GHSA-JFH8-C2JP-5V3Q...
com.alibaba.otter:canal.deployer (>=1.1.7 <=1.1.8), com.alibaba.otter:canal.instance.core (>=1.1.7 <=1.1.8) +90 more potentially affected by CVE-2021-43797 via org.jboss.netty:netty (>=3.1.0.BETA1 <=3.2.10.Final)
org.jboss.netty:netty MAVEN version =3.1.0.BETA1, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =1.1.7, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2021-43797 Source advisory: OSV:GHSA-WX5J-54MM-RQQQ...
@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.24.5), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.17-next.0) +9 more potentially affected by CVE-2021-43776 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.4.10)
@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =5.0.0-alpha.1, =1.0.0, =0.2.0, =1.0.0, =1.2.0...
a62-emotion (>=0.10.12 <=0.11.4), agent-atm (>=0.1.0 <=0.1.1) +101 more potentially affected by CVE-2021-41203 via tensorflow-cpu (>=1.15.0 <=2.4.0)
tensorflow-cpu PYPI version =1.15.0, =0.10.12, =0.1.0, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.1.0.dev202107081840 and more Source cves: CVE-2021-41203 Source advisory: OSV:GHSA-7PXJ-M4JF-R6H2...
alwakeupword (=1.0.0), armadillin (>=0.0.2 <=0.53.0) +35 more potentially affected by CVE-2021-41210 via tensorflow (>=2.6.0 <=2.6.0rc2)
tensorflow PYPI version =2.6.0, =0.0.2, =0.0.9, =0.2.0, =4.4.0, =1.1.2, =0.2.0, =0.0.1, =1.0.0, =0.1.5, =0.2.1 and more Source cves: CVE-2021-41210 Source advisory: OSV:GHSA-M342-FF57-4JCC...
2adif (=0.1.0), addgene-mcp (>=0.1.0 <=0.1.3) +549 more potentially affected by CVE-2021-41125 via scrapy (>=2.0.1 <=2.5.0)
scrapy PYPI version =2.0.1, =0.1.0, =0.10.0, =0.0.1, =0.1.4, =1.0.0, =0.0.1, =1.0.0, =0.0.24, =2.9.3, =0.2.3, =1.2.0, =1.5.0 and more Source cves: CVE-2021-41125 Source advisory: OSV:PYSEC-2021-363...
openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2021-23840 via openssl-src (=110.0.7+1.1.0i)
openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2021-23840 Source advisory: OSV:GHSA-QGM6-9472-PWQ7...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +164 more potentially affected by CVE-2021-37639 via tensorflow-gpu (>=1.10.1 <=2.3.2)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-37639 Source advisory: OSV:GHSA-GH6X-4WHR-2QV4...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37643 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37643 Source advisory: OSV:GHSA-FCWC-P4FC-C5CC...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +164 more potentially affected by CVE-2021-37675 via tensorflow-gpu (>=1.10.1 <=2.3.2)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - cctv-analysis =0.0.2 - chatbot-nlu =1.0.0 - classitransformers =0.0.1 and more Source cves: CVE-2021-37675 Source advisory: OSV:GHSA-9C8H-2MV3-49WW...
complaintclassify (=0.0.9) potentially affected by CVE-2021-37678 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37678 Source advisory: OSV:GHSA-R6JX-9G48-2R5R...
c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-37671 via tensorflow-cpu (=2.3.1)
tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-37671 Source advisory: OSV:PYSEC-2021-584...
brainhance (=0.0.1), crystal4d (>=0.0.4 <=0.1.2) +4 more potentially affected by CVE-2021-37689 via tensorflow-gpu (>=2.4.0 <=2.4.2)
tensorflow-gpu PYPI version =2.4.0, =0.0.4, =1.1.1, =0.1.0.dev98, =1.0.0, =1.0.1 - tf-yarn-gpu =0.6.3 Source cves: CVE-2021-37689 Source advisory: OSV:PYSEC-2021-800...