26517 matches found
@gulpjs/update-template (>=0.1.0 <=0.2.1), @lblod/ember-rdfa-editor-stemming-module-plugin (>=0.1.0 <=0.1.3) +11 more potentially affected by CVE-2019-10776 via git-diff-apply (>=0.0.5 <=0.22.10)
git-diff-apply NPM version =0.0.5, =0.1.0, =0.1.0, =0.8.0, =0.1.9, =0.0.1, =0.9.0, =0.2.2, =0.14.0, =3.0.0 Source cves: CVE-2019-10776 Source advisory: SNYK:JS-GITDIFFAPPLY-540774...
ai.agnos:reactive-sparql_2.12 (>=0.3.0 <=0.3.1), ai.databand:dbnd-agent (>=0.42.1 <=0.80.6) +11468 more potentially affected by CVE-2019-16335 via com.fasterxml.jackson.core:jackson-databind (>=2.7.0 <=2.8.11.4)
com.fasterxml.jackson.core:jackson-databind MAVEN version =2.7.0, =0.3.0, =0.42.1, =0.42.1, =0.40.2, =0.42.1, =0.1.8, =0.2, =0.5, =0.8.0, =2.3.0, =1.5.6, =4.2.1, =4.4.1, =3.3.3, =3.3.8 and more Source cves: CVE-2019-16335 Source advisory: OSV:GHSA-85CW-HJ65-QQV9...
acuity (=6.18.0), acuitypro (=6.18.0) +4 more potentially affected by CVE-2019-16227 via lmdb (>=0.92.0 <=0.97.0)
lmdb PYPI version =0.92.0, =0.1.13, =0.0.0, =0.100.2, =0.100.3rc1 Source cves: CVE-2019-16227 Source advisory: SNYK:PYTHON-LMDB-11959239...
cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.soap:cloud-altemistafwk-core-soap-wss (>=3.0.0.RELEASE <=3.1.0.RELEASE) +505 more potentially affected by CVE-2019-12400 via org.apache.santuario:xmlsec (>=2.0.3 <=2.1.3)
org.apache.santuario:xmlsec MAVEN version =2.0.3, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =1.4.0.0, =0.7.0.1, =1.0.0, =1.31.0, =1.31.0, =1.31.0, =2.2.4, =2.2.4, =2.2.4, =2.3.19 - com.exacttarget:fuelsdk =1.1.0 and more Source cves: CVE-2019-12400 Source advisory:...
unfurl (>=0.0.1.dev144 <=0.0.1.dev220) potentially affected by CVE-2019-15149 via mitogen (=0.2.7)
mitogen PYPI version =0.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on mitogen and may be impacted: - unfurl =0.0.1.dev144, =0.0.1.dev220 Source cves: CVE-2019-15149 Source advisory: OSV:PYSEC-2019-104...
@any4/model (>=0.0.1 <=1.2.4), @boundstate/hapi-typeorm (=0.0.1) +33 more potentially affected by unknown CVE via typeorm (>=0.0.10 <=0.1.14)
typeorm NPM version =0.0.10, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.6.2, =0.1.2, =0.1.19, =0.1.0, =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-W7Q7-VJP8-7JV4...
forwardho (>=0.0.4 <=0.0.7) potentially affected by unknown CVE via floody (=0.0.1)
floody NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on floody and may be impacted: - forwardho =0.0.4, =0.0.7 Source cves: unknown CVE Source advisory: OSV:GHSA-3P92-886G-QXPQ...
expliot (=0.1.0a1.post1), py-air-control (>=2.0.0 <=2.3.0) +1 more potentially affected by CVE-2018-12679 via coapthon3 (=1.0.2)
coapthon3 PYPI version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on coapthon3 and may be impacted: - expliot =0.1.0a1.post1 - py-air-control =2.0.0, =0.1.0, =0.1.2 Source cves: CVE-2018-12679 Source advisory: OSV:PYSEC-2019-166...
iopa-mqtt (>=0.2.0 <=1.3.3), iopa-mqtt-packet (>=0.2.16 <=1.3.7) +4 more potentially affected by CVE-2016-10523 via mqtt-packet (>=2.0.1 <=3.4.3)
mqtt-packet NPM version =2.0.1, =0.2.0, =0.2.16, =1.0.0, =1.0.0-pre.1, =1.0.0, =1.0.3 - mqtt-stack =0.0.2 Source cves: CVE-2016-10523 Source advisory: OSV:GHSA-G3R2-65GC-QPQC...
browsertime (>=1.0.0-alpha.0 <=1.0.0-alpha.18), sitespeed.io (=4.0.0-alpha.1) +1 more potentially affected by CVE-2016-10573 via baryton-saxophone (>=2.50.1 <=2.53.0)
baryton-saxophone NPM version =2.50.1, =1.0.0-alpha.0, =0.2.0, =0.22.4 Source cves: CVE-2016-10573 Source advisory: OSV:GHSA-6PWF-WHC8-HJF6...
pdfservices-extract-sdk (=1.0.0b1), pdfservices-sdk (>=1.0.0 <=1.0.2) potentially affected by CVE-2018-20325 via definitions (=0.2.0)
definitions PYPI version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on definitions and may be impacted: - pdfservices-extract-sdk =1.0.0b1 - pdfservices-sdk =1.0.0, =1.0.2 Source cves: CVE-2018-20325 Source advisory: OSV:PYSEC-2018-82...
com.github.sakserv:hadoop-mini-clusters (=0.0.14), de.m3y.oozie.prometheus:oozie-prometheus-job-event-listener (>=1.0 <=1.2) +10 more potentially affected by CVE-2018-11799 via org.apache.oozie:oozie-core (>=4.1.0 <=4.2.0)
org.apache.oozie:oozie-core MAVEN version =4.1.0, =1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.2.0 - org.kitesdk:kite-data-oozie =1.1.0 Source cves: CVE-2018-11799 Source advisory: OSV:GHSA-WG5W-VV93-3F7W...
HPGO (=0.9.2), IMAPServer (=0.1.0) +2577 more potentially affected by unknown CVE via term (>=0.1.13 <=0.6.1)
term CARGO version =0.1.13, =0.1.0, =0.4.1, =0.2.1, =0.0.1, =0.2.1, =0.1.4, =2.1.0, =0.6.0, =0.19.0 - adivon =0.2.6 - admiral =0.1.0 - admiral-derive =0.1.0 - admiral-types =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2018-0015...
org.apache.syncope:syncope-core-upgrader (>=1.2.0 <=1.2.10), org.apache.syncope:syncope-standalone (>=1.1.0 <=1.1.8) potentially affected by CVE-2018-1321 via org.apache.syncope:syncope-core (>=1.1.0 <=1.2.10)
org.apache.syncope:syncope-core MAVEN version =1.1.0, =1.2.0, =1.1.0, =1.1.8 Source cves: CVE-2018-1321 Source advisory: OSV:GHSA-XGC9-9W4V-H33H...
aero.loretta:sdk-api-client (>=1.0.0 <=1.0.3), ai.entrolution:thylacine_2.13 (>=0.11.0 <=0.16.0) +10034 more potentially affected by CVE-2016-3720 via com.fasterxml.jackson.dataformat:jackson-dataformat-xml (>=2.0.0-RC2 <=2.7.3)
com.fasterxml.jackson.dataformat:jackson-dataformat-xml MAVEN version =2.0.0-RC2, =1.0.0, =0.11.0, =0.13.0, =1.0.0, =0.5.1, =0.5.1, =0.5.1, =0.7.0, =0.6.1, =0.6.1, =0.7.0, =0.6.1, =0.6.1, =0.6.1, =0.6.1, =0.10.0 and more Source cves: CVE-2016-3720 Source advisory: OSV:GHSA-HMQ6-FRV3-4727...
org.apache.cxf.fediz.examples:jaxrsSpringSecurityWebapp (>=1.4.0 <=1.4.2), org.apache.cxf.fediz.examples:springPreauthWebapp (>=1.4.0 <=1.4.2) +4 more potentially affected by CVE-2017-12631 via org.apache.cxf.fediz:fediz-spring (>=1.4.0 <=1.4.2)
org.apache.cxf.fediz:fediz-spring MAVEN version =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.4.2 Source cves: CVE-2017-12631 Source advisory: OSV:GHSA-FV7X-4HPC-HF9F...
cn.bjdd301:core-mvc (=1.0.0), cn.pa4j:act-nutzdao (=1.0) +67 more potentially affected by CVE-2018-17297 via cn.hutool:hutool-all (>=4.0.1 <=4.1.1)
cn.hutool:hutool-all MAVEN version =4.0.1, =1.0.0, =0.0.1, =0.5, =1.0.0, =1.1.0 and more Source cves: CVE-2018-17297 Source advisory: OSV:GHSA-RHQ2-2574-78MC...
au.com.turingg:turingg-files (=0.0.1), au.com.turingg:turingg-mimak (=1.0.0) +154 more potentially affected by CVE-2018-11797 via org.apache.pdfbox:pdfbox (>=2.0.0 <=2.0.11)
org.apache.pdfbox:pdfbox MAVEN version =2.0.0, =1.0.0, =0.21.0, =0.22.0-bin-20191218-35fbb34-NIGHTLY, =0.21.0, =1.0-RELEASE, =2.2, =3.1.0, =3.3.0 and more Source cves: CVE-2018-11797 Source advisory: OSV:GHSA-GX96-VGF7-HWFG...
at.researchstudio.sat:won-core (>=0.2 <=0.9), at.researchstudio.sat:won-cryptography (>=0.3 <=0.6) +269 more potentially affected by CVE-2014-0002 via org.apache.camel:camel-core (>=2.12.0 <=2.12.2)
org.apache.camel:camel-core MAVEN version =2.12.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.4, =0.9 and more Source cves: CVE-2014-0002 Source advisory: OSV:GHSA-2FW5-RVF2-JQ56...
org.apache.juddi.example:create-partition (=3.1.5), org.apache.juddi.example:hello-world (=3.1.5) +14 more potentially affected by CVE-2015-5241 via org.apache.juddi:juddi-client (>=3.1.2 <=3.1.5)
org.apache.juddi:juddi-client MAVEN version =3.1.2, =1.2.4, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.2, =3.1.5 and more Source cves: CVE-2015-5241 Source advisory: OSV:GHSA-49H4-G8P5-JGQ6...
RPD:bmc-rpd (=1.1), aendter.jenkins.plugins:filesystem-list-parameter-plugin (>=0.0.1 <=0.0.6) +2512 more potentially affected by CVE-2016-9878 via org.springframework:spring-webmvc (>=1.2.1 <=3.2.17.RELEASE)
org.springframework:spring-webmvc MAVEN version =1.2.1, =0.0.1, =1.0, =0.0.20, =1.0, =0.0.1, =0.1.0, =1.0.0, =0.2, =3.0.1, =4.0.0 - cn.fastoo:fastoo-java-api =20171130 - cn.opencodes:alpha-common-utils =1.0.0 and more Source cves: CVE-2016-9878 Source advisory: OSV:GHSA-2M8H-FGR8-2Q9W...
@maxts/waterline-adapter-tests (=1.0.3), driver-interface (=1.0.2) +9 more potentially affected by CVE-2018-16487 +1 more via @sailshq/lodash (=3.10.2)
@sailshq/lodash NPM version =3.10.2 is affected by a known vulnerability. The following packages have a transitive dependency on @sailshq/lodash and may be impacted: - @maxts/waterline-adapter-tests =1.0.3 - driver-interface =1.0.2 - machinepack-sockets =2.0.0, =5.2.0-0, =1.0.1, =0.9.1, =2.1.14,...
@0ti.me/test-deps (>=0.1.1 <=0.1.22), @0ti.me/ts-test-deps (>=0.1.0 <=0.1.3) +2445 more potentially affected by CVE-2017-16137 via debug (>=3.2.0 <=3.2.6)
debug NPM version =3.2.0, =0.1.1, =0.1.0, =1.0.0, =0.2.39, =1.0.2, =2.0.3, =1.1.1, =0.0.34, =1.0.1, =1.0.2, =1.0.2, =0.0.2, =0.0.2, =0.1.0, =0.3.0 and more Source cves: CVE-2017-16137 Source advisory: OSV:GHSA-GXPJ-CX7G-858C...
uncanny (>=0.2.0 <=0.2.3) potentially affected by CVE-2018-3715 via glance (>=0.2.7 <=1.0.0)
glance NPM version =0.2.7, =0.2.0, =0.2.3 Source cves: CVE-2018-3715 Source advisory: OSV:GHSA-2X4Q-6JFV-8H9H...
88slot-ap (=1.0.0), @ndreckshage/tungstenjs (>=0.13.7 <=0.14.0) +225 more potentially affected by CVE-2017-16136 via method-override (>=2.0.0 <=2.3.1)
method-override NPM version =2.0.0, =0.13.7, =0.3.14, =0.0.7, =1.3.2-1, =0.2.0, =0.3.6, =0.1.0, =0.2.2, =0.2.0, =0.0.1, =0.1.1, =1.0.0, =1.0.2, =1.0.5 and more Source cves: CVE-2017-16136 Source advisory: OSV:GHSA-QX2F-477C-35RQ...
bubble (>=2016.3.17 <=2016.8.16), cryptocmd (>=0.5.1 <=0.5.2) +1 more potentially affected by CVE-2017-2810 via tablib (>=0.11.2 <=0.11.4)
tablib PYPI version =0.11.2, =2016.3.17, =0.5.1, =0.1.1, =0.2.3 Source cves: CVE-2017-2810 Source advisory: OSV:GHSA-GCR6-RF47-JRGF...
chaosmonkey (>=1.0.8 <=1.1.0), cloudmesh-client (>=4.5.0 <=4.7.3) +2 more potentially affected by CVE-2018-7750 via paramiko (>=2.1.1 <=2.1.2)
paramiko PYPI version =2.1.1, =1.0.8, =4.5.0, =0.8.0, =0.9.0 - marvin-python-toolbox =0.0.4 Source cves: CVE-2018-7750 Source advisory: OSV:GHSA-232R-66CG-79PX...
au.net.causal.maven.plugins:boxdb-maven-plugin (>=1.0 <=3.3), au.net.causal.maven.plugins:browserbox-maven-plugin (=1.0) +572 more potentially affected by CVE-2018-1002200 via org.codehaus.plexus:plexus-archiver (>=3.0 <=3.5)
org.codehaus.plexus:plexus-archiver MAVEN version =3.0, =1.0, =0.7.8, =0.6.0, =0.6.0, =0.6.0, =1.4.14, =1.2.1, =1.20, =0.0.3, =0.0.21, =0.0.3, =0.0.3, =0.0.3, =0.0.16 and more Source cves: CVE-2018-1002200 Source advisory: SNYK:JAVA-ORGCODEHAUSPLEXUS-31680...
apna-experiment-sdk (>=0.1.0 <=0.4.10), askui (>=0.22.12 <=0.35.0) +39 more potentially affected by CVE-2026-31072 via apscheduler (>=4.0.0a2 <=4.0.0a6)
apscheduler PYPI version =4.0.0a2, =0.1.0, =0.22.12, =1.0.1, =3.8.0, =1.3.0, =3.0.0a0, =0.1.5, =2.0.5, =0.15.1, =0.0.3, =0.1.0rc0, =2.0.0, =8.4.0, =8.7.0 and more Source cves: CVE-2026-31072 Source advisory: OSV:PYSEC-2026-282...
babelon (>=0.2.1 <=0.3.3), curategpt (>=0.2.2 <=0.2.4) +13 more potentially affected by CVE-2026-31236 via llm (>=0.12.0 <=0.26.0)
llm PYPI version =0.12.0, =0.2.1, =0.2.2, =0.1.0, =0.1.0a0, =0.9.0, =11.0.0rc1, =0.3.6, =0.1.0, =0.7.0, =2.0.0, =2.5.0 Source cves: CVE-2026-31236 Source advisory: OSV:PYSEC-2026-400...
aurora-cycler-manager (>=0.10.0 <=0.11.4), fusion-tools (>=3.6.19 <=3.6.90) +9 more potentially affected by CVE-2026-38360 via dash-uploader (>=0.6.0 <=0.7.0a2)
dash-uploader PYPI version =0.6.0, =0.10.0, =3.6.19, =0.0.11, =0.0.30, =0.2.4b0, =0.0.50.0, =0.1.7.3, =2.0.1, =0.2.0, =0.4.1 Source cves: CVE-2026-38360 Source advisory: OSV:PYSEC-2026-320...
click-clack (>=0.1.0 <=0.2.1), dr-widget (>=0.1.2 <=0.1.3) +7 more potentially affected by CVE-2025-39987 +1 more via marimo (>=0.10.19 <=0.21.1)
marimo PYPI version =0.10.19, =0.1.0, =0.1.2, =1.2.7, =2025.8.0, =0.1.1.dev1736307293, =0.1.1.dev1742453945 Source cves: CVE-2025-39987, CVE-2026-39987 Source advisory: OSV:PYSEC-2026-407...
attack-executor (>=0.2.1 <=0.2.8), attackmate (>=0.0.0 <=0.6.0) +11 more potentially affected by CVE-2026-5463 via pymetasploit3 (>=1.0.5 <=1.0.6)
pymetasploit3 PYPI version =1.0.5, =0.2.1, =0.0.0, =0.4.84, =0.0.8, =1.0.0, =1.0.0, =0.0.0, =3.7.0, =0.1.0, =0.1.0, =0.1.2 - raven-vapt =0.1.0 - vulnheist =0.0.1 Source cves: CVE-2026-5463 Source advisory: OSV:PYSEC-2026-500...
a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +952 more potentially affected by CVE-2025-15379 via mlflow (>=0.8.2 <=3.6.0rc0)
mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2025-15379 Source advisory: OSV:PYSEC-2026-423...
lightrft (=0.1.0), rl-square (=0.0.1.post1) potentially affected by CVE-2026-3059 via sglang (>=0.4.5 <=0.4.6.post5)
sglang PYPI version =0.4.5, =0.4.6.post5 is affected by a known vulnerability. The following packages have a transitive dependency on sglang and may be impacted: - lightrft =0.1.0 - rl-square =0.0.1.post1 Source cves: CVE-2026-3059 Source advisory: OSV:PYSEC-2026-539...
a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +952 more potentially affected by CVE-2026-0596 via mlflow (>=0.8.2 <=3.8.1)
mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2026-0596 Source advisory: OSV:PYSEC-2026-424...
a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +952 more potentially affected by CVE-2025-15036 via mlflow (>=0.8.2 <=3.9.0)
mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2025-15036 Source advisory: OSV:PYSEC-2026-425...
0xpwn (=0.1.1), a2a-acl (>=0.0.14 <=0.0.15) +265 more potentially affected by CVE-2026-42208 via litellm (>=1.81.16 <=1.83.4)
litellm PYPI version =1.81.16, =0.0.14, =0.0.14, =0.0.1a0, =0.6.0, =0.7.3, =0.1.46, =0.25.4a2, =0.1.0, =0.1.0, =0.1.0, =0.1.14.13, =0.0.0.post0, =2.4.65 and more Source cves: CVE-2026-42208 Source advisory: OSV:PYSEC-2026-391...
fluoriclogppka (>=0.1.0 <=0.2.7), h2o-wave-ml (>=0.3.0 <=0.5.0) +3 more potentially affected by CVE-2023-6569 via h2o (>=3.18.0.8 <=3.44.0.3)
h2o PYPI version =3.18.0.8, =0.1.0, =0.3.0, =0.4.5, =0.0.1, =0.0.102 - tsanalysis =0.1.0 Source cves: CVE-2023-6569 Source advisory: OSV:PYSEC-2026-350...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6975 via mlflow (>=0.8.2 <=2.9.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6975 Source advisory: OSV:PYSEC-2026-422...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +339 more potentially affected by CVE-2023-6974 via mlflow (>=0.8.2 <=2.9.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-6974 Source advisory: OSV:PYSEC-2026-416...
aind-data-transfer (>=0.1.13 <=0.35.3), aind-dispim-processing (>=0.0.1 <=0.0.4) +25 more potentially affected by CVE-2023-45853 via pyminizip (=0.2.6)
pyminizip PYPI version =0.2.6 is affected by a known vulnerability. The following packages have a transitive dependency on pyminizip and may be impacted: - aind-data-transfer =0.1.13, =0.0.1, =0.3.0, =1.9.32, =0.0.6, =1.1.12, =0.8.0, =0.1.0, =0.0.1, =0.2.0, =0.1.1, =0.1.5 and more Source cves:...
autoxx (>=0.0.11 <=0.0.13), vuln-demo-math-ops (=1.0.0) potentially affected by CVE-2024-6091 via agpt (=0.2.2)
agpt PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on agpt and may be impacted: - autoxx =0.0.11, =0.0.13 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2024-6091 Source advisory: OSV:PYSEC-2026-257...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35058 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35058 Source advisory: OSV:PYSEC-2026-261...
ait-dsn (=2.0.0), ait-gui (>=2.4.0 <=2.4.1) potentially affected by CVE-2024-35059 via ait-core (>=2.3.5 <=2.5.2)
ait-core PYPI version =2.3.5, =2.4.0, =2.4.1 Source cves: CVE-2024-35059 Source advisory: OSV:PYSEC-2026-264...
a-data-processing (=0.0.1), a-mailx (=0.1.0) +1224 more potentially affected by CVE-2025-68664 via langchain-core (>=0.0.1 <=0.3.8)
langchain-core PYPI version =0.0.1, =0.1.0, =0.1.3, =0.1.0b0, =4.8.2, =0.1.3, =0.1.0, =3.2.0, =2.1.7, =0.0.2, =0.0.5 and more Source cves: CVE-2025-68664 Source advisory: OSV:PYSEC-2026-373...
tashan-scispark (>=1.0.1 <=1.0.8) potentially affected by CVE-2024-8537 via agentscope (=0.1.0)
agentscope PYPI version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on agentscope and may be impacted: - tashan-scispark =1.0.1, =1.0.8 Source cves: CVE-2024-8537 Source advisory: OSV:PYSEC-2026-254...
@aws/plugin-aws-apps-for-backstage (>=0.3.4 <=0.3.5), @backstage-community/plugin-multi-source-security-viewer (>=0.7.1 <=0.15.2) potentially affected by unknown CVE via @immobiliarelabs/backstage-plugin-gitlab (=6.13.0)
@immobiliarelabs/backstage-plugin-gitlab NPM version =6.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on @immobiliarelabs/backstage-plugin-gitlab and may be impacted: - @aws/plugin-aws-apps-for-backstage =0.3.4, =0.7.1, =0.15.2 Source cves: unknown...
@backstage-community/plugin-multi-source-security-viewer (>=0.15.3 <=0.17.0) potentially affected by unknown CVE via @immobiliarelabs/backstage-plugin-gitlab (=7.0.1)
@immobiliarelabs/backstage-plugin-gitlab NPM version =7.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @immobiliarelabs/backstage-plugin-gitlab and may be impacted: - @backstage-community/plugin-multi-source-security-viewer =0.15.3, =0.17.0 Source...
@icebreakers/monorepo (>=4.0.0 <=4.0.13), @pnpm/building.commands (>=1100.0.0 <=1100.1.3) +15 more potentially affected by unknown CVE via @pnpm/fs.symlink-dependency (>=1100.0.0 <=1100.0.8)
@pnpm/fs.symlink-dependency NPM version =1100.0.0, =4.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =1100.0.0, =0.0.1, =0.0.21 and more Source cves: unknown CVE Source advisory:...