26517 matches found
org.apache.pulsar:pulsar-io-distribution (>=2.3.0 <=2.7.5), org.apache.pulsar:pulsar-io-docs (>=2.3.0 <=2.7.5) potentially affected by CVE-2025-30677 via org.apache.pulsar:pulsar-io-kafka (>=2.3.0 <=2.7.5)
org.apache.pulsar:pulsar-io-kafka MAVEN version =2.3.0, =2.3.0, =2.3.0, =2.7.5 Source cves: CVE-2025-30677 Source advisory: OSV:GHSA-RCQJ-3FMP-5CQX...
ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +3470 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=5.0.0 <=5.3.0)
org.apache.poi:poi-ooxml MAVEN version =5.0.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: SNYK:JAVA-ORGAPACHEPOI-9685010...
ai.chat2db.excel:easyexcel-plus (=0.0.1), ai.chat2db.excel:easyexcel-plus-core (=0.0.1) +7055 more potentially affected by CVE-2025-31672 via org.apache.poi:poi-ooxml (>=3.5-FINAL <=5.3.0)
org.apache.poi:poi-ooxml MAVEN version =3.5-FINAL, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =0.5.1, =1.1.0 and more Source cves: CVE-2025-31672 Source advisory: OSV:GHSA-GMG8-593G-7MV3...
org.apache.pulsar:pulsar-io-distribution (>=2.3.0 <=2.7.5), org.apache.pulsar:pulsar-io-docs (>=2.3.0 <=2.7.5) potentially affected by CVE-2025-30677 via org.apache.pulsar:pulsar-io-kafka (>=2.3.0 <=2.7.5)
org.apache.pulsar:pulsar-io-kafka MAVEN version =2.3.0, =2.3.0, =2.3.0, =2.7.5 Source cves: CVE-2025-30677 Source advisory: SNYK:JAVA-ORGAPACHEPULSAR-9685318...
com.farcsal.dql:query-es (=0.8.0), com.github.ben-manes.caffeine:simulator (>=3.0.4 <=3.0.5) +13 more potentially affected by CVE-2024-52981 via org.elasticsearch:elasticsearch (>=8.0.0-alpha1 <=8.15.0)
org.elasticsearch:elasticsearch MAVEN version =8.0.0-alpha1, =3.0.4, =1.2.0, =0.83.0, =7.23.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.10.0, =1.6.es801.0, =8.0.0, =8.15.0 Source cves: CVE-2024-52981 Source advisory: OSV:GHSA-5XM9-X7X4-4J5X...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=6.10.0 <=6.10.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=6.10.0 <=6.10.5) +144 more potentially affected by CVE-2024-52981 via org.elasticsearch:elasticsearch (>=7.17.0 <=7.17.23)
org.elasticsearch:elasticsearch MAVEN version =7.17.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =6.10.0, =1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =6.0.01 - cn.dev8:ktmyoql-code-generator =1.4 and more Source cves: CVE-2024-52981 Source advisory: OSV:GHSA-5XM9-X7X4-4J5X...
ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.4.0), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +824 more potentially affected by CVE-2024-52980 via org.elasticsearch:elasticsearch (>=7.17.0 <=8.15.0)
org.elasticsearch:elasticsearch MAVEN version =7.17.0, =j8.2.2.0, =1.2.1, =0.0.1-alpha, =6.0.0, =6.0.3, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.0, =6.8.0, =6.4.0, =6.0.0, =6.0.0, =6.0.3, =6.8.0 and more Source cves: CVE-2024-52980 Source advisory: OSV:GHSA-GHFH-P92W-J4MG...
com.farcsal.dql:query-es (=0.8.0), com.github.msarhan:elasticsearch-analysis-arabic (>=1.2.0 <=1.4.0) +14 more potentially affected by CVE-2024-52980 via org.elasticsearch:elasticsearch-grok (>=8.10.0 <=8.15.0)
org.elasticsearch:elasticsearch-grok MAVEN version =8.10.0, =1.2.0, =0.83.0, =7.23.0, =8.10.0.0, =8.10.0.0, =8.10.0.0, =8.10.0.0, =8.10.0, =8.14.2, =8.10.0, =8.10.0, =8.10.0, =1.7.es8114.0, =1.7.es8150.0 and more Source cves: CVE-2024-52980 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-9679474...
ai.ylyue:yue-library-data-es (>=j11.2.6.0 <=j11.2.6.2), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=5.3.0 <=6.10.5) +581 more potentially affected by CVE-2024-52981 via org.elasticsearch:elasticsearch-geo (>=7.0.0-beta1 <=7.17.23)
org.elasticsearch:elasticsearch-geo MAVEN version =7.0.0-beta1, =j11.2.6.0, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.10.0, =6.10.0, =6.10.0, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =5.6.5, =5.7.9 and more Source cves: CVE-2024-52981 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-9679275...
com.farcsal.dql:query-es (=0.8.0), com.github.ben-manes.caffeine:simulator (>=3.0.4 <=3.0.5) +14 more potentially affected by CVE-2024-52981 via org.elasticsearch:elasticsearch-geo (>=8.0.0-alpha1 <=8.15.0)
org.elasticsearch:elasticsearch-geo MAVEN version =8.0.0-alpha1, =3.0.4, =1.2.0, =0.83.0, =7.23.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.10.0, =8.0.0, =1.6.es801.0, =1.7.es8150.0 and more Source cves: CVE-2024-52981 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-9679275...
AskAI (=0.1.0), abbegm (=0.5.0) +608 more potentially affected by unknown CVE via tokio (>=0.2.5 <=1.38.1)
tokio CARGO version =0.2.5, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =4.0.0, =0.2.0, =0.6.0, =0.1.0, =0.1.7 and more Source cves: unknown CVE Source advisory: OSV:GHSA-RR8G-9FPQ-6WMG...
apls (>=0.0.6 <=0.1.0), beratools (=0.2.2) +27 more potentially affected by CVE-2025-29480 via gdal (>=2.1.0 <=3.10.1)
gdal PYPI version =2.1.0, =0.0.6, =0.1.1, =0.0.7, =2.0.1, =0.1.0, =0.10.3, =0.4.5, =0.0.35, =0.1.0, =1.0.60, =1.1.10 and more Source cves: CVE-2025-29480 Source advisory: OSV:PYSEC-2025-117...
@active-mdx/core (>=0.2.0 <=0.9.6), @allenlee/remark-mdx-frontmatter (=3.1.2) +290 more potentially affected by CVE-2025-32014 via estree-util-value-to-estree (>=1.3.0 <=3.3.2)
estree-util-value-to-estree NPM version =1.3.0, =0.2.0, =0.0.1-alpha.1, =0.1.0, =0.0.1, =0.0.6, =0.0.0-rc-20220721064837, =0.1.3, =0.1.3, =0.1.3, =0.1.3, =0.9.1, =1.0.0 and more Source cves: CVE-2025-32014 Source advisory: OSV:GHSA-F7F6-9JQ7-3RQJ...
apollo-encoder (>=0.6.0 <=0.7.0), apollo-parser (>=0.6.0 <=0.7.1) +1 more potentially affected by CVE-2025-31496 via apollo-compiler (>=0.10.0 <=0.11.0)
apollo-compiler CARGO version =0.10.0, =0.6.0, =0.6.0, =0.7.1 - apollo-smith =0.4.0 Source cves: CVE-2025-31496 Source advisory: OSV:GHSA-7MPV-9XG6-5R79...
2mxdev-gql-gateway (=1.0.0), @2mxdev/gql-gateway (>=1.0.0 <=4.0.2) +217 more potentially affected by CVE-2025-32031 via @apollo/gateway (>=0.10.4 <=2.10.0)
@apollo/gateway NPM version =0.10.4, =1.0.0, =1.0.0, =0.0.7, =0.0.1-feature-ci-publish.2, =0.0.1-feature-ci-publish.2, =0.6.5, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =0.0.22 and more Source cves: CVE-2025-32031 Source advisory: OSV:GHSA-P2Q6-PWH5-M6JR...
2mxdev-gql-gateway (=1.0.0), @2mxdev/gql-gateway (>=1.0.0 <=4.0.2) +217 more potentially affected by CVE-2025-32030 via @apollo/gateway (>=0.10.4 <=2.10.0)
@apollo/gateway NPM version =0.10.4, =1.0.0, =1.0.0, =0.0.7, =0.0.1-feature-ci-publish.2, =0.0.1-feature-ci-publish.2, =0.6.5, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.0.1, =0.0.22 and more Source cves: CVE-2025-32030 Source advisory: OSV:GHSA-Q2F9-X4P4-7XMH...
inigo-rs (>=0.1.5 <=0.27.8) potentially affected by CVE-2025-32380 via apollo-router (=1.2.1)
apollo-router CARGO version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on apollo-router and may be impacted: - inigo-rs =0.1.5, =0.27.8 Source cves: CVE-2025-32380 Source advisory: OSV:GHSA-3J43-9V8V-CP3F...
inigo-rs (>=0.1.5 <=0.27.8) potentially affected by CVE-2025-32033 via apollo-router (=1.2.1)
apollo-router CARGO version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on apollo-router and may be impacted: - inigo-rs =0.1.5, =0.27.8 Source cves: CVE-2025-32033 Source advisory: OSV:GHSA-84M6-5M72-45FP...
inigo-rs (>=0.1.5 <=0.27.8) potentially affected by CVE-2025-32034 via apollo-router (=1.2.1)
apollo-router CARGO version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on apollo-router and may be impacted: - inigo-rs =0.1.5, =0.27.8 Source cves: CVE-2025-32034 Source advisory: OSV:GHSA-75M2-JHH5-J5G2...
inigo-rs (>=0.1.5 <=0.27.8) potentially affected by CVE-2025-32032 via apollo-router (=1.2.1)
apollo-router CARGO version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on apollo-router and may be impacted: - inigo-rs =0.1.5, =0.27.8 Source cves: CVE-2025-32032 Source advisory: OSV:GHSA-94HH-JMQ8-2FGP...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.7), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-30373 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.8)
org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.16 Source cves: CVE-2025-30373 Source advisory: OSV:GHSA-Q7G5-JQ6P-6WVX...
com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.7), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-30373 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.8)
org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.16 Source cves: CVE-2025-30373 Source advisory: SNYK:JAVA-ORGGRAYLOG2-9668945...
AskAI (=0.1.0), abbegm (=0.5.0) +608 more potentially affected by unknown CVE via tokio (>=0.2.5 <=1.38.1)
tokio CARGO version =0.2.5, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =4.0.0, =0.2.0, =0.6.0, =0.1.0, =0.1.7 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0023...
acryl-datahub-airflow-plugin (>=0.10.5.2rc3 <=0.11.0rc1), aind-airflow-jobs (>=0.2.1 <=0.2.6) +22 more potentially affected by CVE-2025-30473 via apache-airflow-providers-common-sql (>=1.0.0 <=1.20.0)
apache-airflow-providers-common-sql PYPI version =1.0.0, =0.10.5.2rc3, =0.2.1, =0.11.0, =0.2.0, =0.0.1, =0.0.1, =0.3.1, =0.0.4, =0.0.1a0, =2.6.0, =1.0.0rc1, =0.0.36, =1.0.0rc1, =1.0.0, =2.5.1rc1 and more Source cves: CVE-2025-30473 Source advisory: SNYK:PYTHON-APACHEAIRFLOWPROVIDERSCOMMONSQL-9667...
acryl-datahub-airflow-plugin (>=0.10.5.2rc3 <=0.11.0rc1), aind-airflow-jobs (>=0.2.1 <=0.2.6) +22 more potentially affected by CVE-2025-30473 via apache-airflow-providers-common-sql (>=1.0.0 <=1.20.0)
apache-airflow-providers-common-sql PYPI version =1.0.0, =0.10.5.2rc3, =0.2.1, =0.11.0, =0.2.0, =0.0.1, =0.0.1, =0.3.1, =0.0.4, =0.0.1a0, =2.6.0, =1.0.0rc1, =0.0.36, =1.0.0rc1, =1.0.0, =2.5.1rc1 and more Source cves: CVE-2025-30473 Source advisory: OSV:GHSA-5R62-MJF5-XWHJ...
ai.hyacinth.framework:core-service-config-server (=0.5.24), cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE) +63 more potentially affected by CVE-2025-22232 via org.springframework.cloud:spring-cloud-config-server (>=2.2.0.RELEASE <=3.1.1)
org.springframework.cloud:spring-cloud-config-server MAVEN version =2.2.0.RELEASE, =2.2.1.RELEASE, =0.0.1.RELEASE, =0.0.1-RELEASE, =1.1.1, =1.0.0, =1.0.0.RELEASE, =1.0.1 - com.github.niupengyu:ahead-frame-commons =1.2.5-RELEASE - com.github.niupengyu:ahead-frame-core =1.2.5-RELEASE -...
com.brihaspathee.artemis:config-server (>=0.0.1 <=1.0.2), com.brihaspathee.sapphire:config-server (>=1.0.0 <=1.0.7) +6 more potentially affected by CVE-2025-22232 via org.springframework.cloud:spring-cloud-config-server (>=4.2.0 <=4.2.1)
org.springframework.cloud:spring-cloud-config-server MAVEN version =4.2.0, =0.0.1, =1.0.0, =3.0.9, =0.1.41-Beta, =7.2.0, =7.2.0, =4.2.0, =3.2.0, =3.2.1 Source cves: CVE-2025-22232 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-9674187...
com.mayhoo:config-server (=3.0.2), com.okta.spring.examples:okta-spring-boot-cloud-config-example (>=3.0.3 <=3.0.8) +8 more potentially affected by CVE-2025-22232 via org.springframework.cloud:spring-cloud-config-server (>=4.0.0 <=4.1.5)
org.springframework.cloud:spring-cloud-config-server MAVEN version =4.0.0, =3.0.3, =0.5, =0.0.1, =1.2.1-rc1, =7.0.0, =7.0.0, =4.0.0, =3.0.0, =3.1.5 Source cves: CVE-2025-22232 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-9674187...
gix-fs (>=0.1.0 <=0.9.1), gix-lock (>=5.0.0 <=12.0.1) +1 more potentially affected by CVE-2025-31130 via gix-features (>=0.29.0 <=0.37.2)
gix-features CARGO version =0.29.0, =0.1.0, =5.0.0, =5.0.3, =12.0.1 Source cves: CVE-2025-31130 Source advisory: OSV:GHSA-2FRX-2596-X5R6...
gitoxide (>=0.1.0 <=0.15.0) potentially affected by CVE-2025-31130 via gitoxide-core (>=0.10.5 <=0.3.0)
gitoxide-core CARGO version =0.10.5, =0.1.0, =0.15.0 Source cves: CVE-2025-31130 Source advisory: OSV:GHSA-2FRX-2596-X5R6...
endringer (>=0.1.0 <=0.7.1) potentially affected by CVE-2025-31130 via gix (=0.0.0)
gix CARGO version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gix and may be impacted: - endringer =0.1.0, =0.7.1 Source cves: CVE-2025-31130 Source advisory: OSV:GHSA-2FRX-2596-X5R6...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-27520 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-27520 Source advisory: SNYK:PYTHON-BENTOML-9667321...
ai-dynamo (=0.1.0), openllm (=0.6.19) potentially affected by CVE-2025-27520 via bentoml (>=1.4.0a2 <=1.4.1)
bentoml PYPI version =1.4.0a2, =1.4.1 is affected by a known vulnerability. The following packages have a transitive dependency on bentoml and may be impacted: - ai-dynamo =0.1.0 - openllm =0.6.19 Source cves: CVE-2025-27520 Source advisory: OSV:GHSA-33XW-247W-6HMC...
@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +403 more potentially affected by CVE-2025-31486 via vite (>=5.0.0 <=5.4.16)
vite NPM version =5.0.0, =0.7.9, =17.1.0, =18.0.0, =1.0.25-beta.0, =0.5.0, =2.0.0-beta.0, =0.22.0, =1.0.1, =1.0.0, =1.0.0, =0.9.0, =0.9.8 and more Source cves: CVE-2025-31486 Source advisory: OSV:GHSA-XCJ6-PQ6G-QJ4X...
@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +21 more potentially affected by CVE-2025-31486 via vite (>=6.0.0 <=6.0.11)
vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =5.0.0-alpha.37, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =1.0.6, =1.0.7 - @tuax/plugin-vite6...
@angular/build (>=19.2.0 <=19.2.0-rc.0), @d-zero/builder (=5.0.0-alpha.39) +38 more potentially affected by CVE-2025-31486 via vite (>=6.1.0 <=6.1.3)
vite NPM version =6.1.0, =19.2.0, =1.0.7, =2.12.0, =2.12.0, =11.24.0, =0.0.1739797164641, =1.0.0, =0.0.0-experimental-989cf02-20250217-d62ba1cb, =0.0.0-experimental-80aadca-20250205-e2641483, =0.0.0-snapshot-1e670bae5105bde781e82aa2a8ee4f2dfc2446f0,...
@aicblock/cli (>=1.0.0 <=1.0.1), @angular/build (>=19.2.1 <=20.0.0-next.4) +39 more potentially affected by CVE-2025-31486 via vite (>=6.2.0 <=6.2.4)
vite NPM version =6.2.0, =1.0.0, =19.2.1, =0.55.0, =0.21.2-4.1, =1.0.0, =1.0.410, =3.8.0, =1.47.0, =5.0.0-alpha.40, =1.0.0-next.1, =3.0.0, =3.0.0-BETA.1 and more Source cves: CVE-2025-31486 Source advisory: OSV:GHSA-XCJ6-PQ6G-QJ4X...
1food-menu (>=0.0.1 <=0.2.3), 7qb-cli (=2.0.0) +2706 more potentially affected by CVE-2025-31486 via vite (>=0.14.4 <=4.5.11)
vite NPM version =0.14.4, =0.0.1, =1.0.0, =4.0.61, =4.0.61, =4.0.61, =4.0.61, =0.0.3, =1.0.1, =1.0.12, =0.0.4, =1.0.1, =1.0.7 and more Source cves: CVE-2025-31486 Source advisory: OSV:GHSA-XCJ6-PQ6G-QJ4X...
elyra (>=4.0.0rc0 <=4.0.0rc4), elyra-code-snippet-extension (>=3.0.0rc3 <=4.0.0rc2) +12 more potentially affected by CVE-2025-30370 via jupyterlab-git (>=0.24.0 <=0.50.2)
jupyterlab-git PYPI version =0.24.0, =4.0.0rc0, =3.0.0rc3, =3.14.0, =3.0.0rc3, =3.0.0rc3, =3.0.0rc3, =3.14.0, =4.0.0rc0, =0.4.0, =2.1.0, =0.1.30, =1.3.19, =3.16.1, =0.1.0, =0.2.9 Source cves: CVE-2025-30370 Source advisory: OSV:GHSA-CJ5W-8MJF-R5F8...
3gtel-frontend-platform (=1.0.0), @achieve-all/v-element (=1.0.0) +294 more potentially affected by CVE-2025-3197 via expand-object (>=0.2.3 <=0.4.2)
expand-object NPM version =0.2.3, =0.1.1, =1.0.0, =1.0.0, =2.0.0, =2.0.7, =0.1.0, =1.0.0, =1.0.8, =0.1.2, =1.0.3, =6.0.0-rc1, =1.0.0, =1.0.8 and more Source cves: CVE-2025-3197 Source advisory: OSV:GHSA-4VJR-HFPP-2M7W...
@1kit/react (>=0.0.74 <=0.0.149), @1kit/ui (>=0.0.14 <=0.0.90) +763 more potentially affected by CVE-2025-3191 via react-draft-wysiwyg (>=1.10.0 <=1.15.0)
react-draft-wysiwyg NPM version =1.10.0, =0.0.74, =0.0.14, =1.0.7, =0.2.2, =1.0.0, =0.0.5, =0.1.2, =1.0.2, =1.0.0, =1.0.2, =2.0.54, =1.0.1-alpha.0, =1.0.3-alpha.0 and more Source cves: CVE-2025-3191 Source advisory: OSV:GHSA-FQ5X-7292-2P5R...
0xppl-solana-portfolio (=1.0.0), 0xuath-sdk-react (>=0.0.2 <=0.0.23) +6453 more potentially affected by CVE-2025-3194 via bigint-buffer (=1.1.5)
bigint-buffer NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on bigint-buffer and may be impacted: - 0xppl-solana-portfolio =1.0.0 - 0xuath-sdk-react =0.0.2, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.0, =0.0.77, =0.2.0, =0.1.1,...
fable3d (>=1.0.0 <=1.1.4), liblaf-melon (>=0.1.10 <=0.1.17) +4 more potentially affected by CVE-2025-3196 via pyassimp (=5.2.5)
pyassimp PYPI version =5.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on pyassimp and may be impacted: - fable3d =1.0.0, =0.1.10, =0.2.1, =0.2.14, =0.1.4, =0.2.0, =0.2.1 Source cves: CVE-2025-3196 Source advisory: OSV:PYSEC-2025-170...
elyra (>=4.0.0rc0 <=4.0.0rc4), elyra-code-snippet-extension (>=3.0.0rc3 <=4.0.0rc2) +12 more potentially affected by CVE-2025-30370 via jupyterlab-git (>=0.24.0 <=0.50.2)
jupyterlab-git PYPI version =0.24.0, =4.0.0rc0, =3.0.0rc3, =3.14.0, =3.0.0rc3, =3.0.0rc3, =3.0.0rc3, =3.14.0, =4.0.0rc0, =0.4.0, =2.1.0, =0.1.30, =1.3.19, =3.16.1, =0.1.0, =0.2.9 Source cves: CVE-2025-30370 Source advisory: SNYK:PYTHON-JUPYTERLABGIT-9667341...
soprano-tts (=0.0.2) potentially affected by CVE-2025-3163 via lmdeploy (=0.13.0)
lmdeploy PYPI version =0.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on lmdeploy and may be impacted: - soprano-tts =0.0.2 Source cves: CVE-2025-3163 Source advisory: SNYK:PYTHON-LMDEPLOY-10343889...
soprano-tts (=0.0.2) potentially affected by CVE-2025-3162 via lmdeploy (=0.13.0)
lmdeploy PYPI version =0.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on lmdeploy and may be impacted: - soprano-tts =0.0.2 Source cves: CVE-2025-3162 Source advisory: SNYK:PYTHON-LMDEPLOY-9723887...
fable3d (>=1.0.0 <=1.1.4), liblaf-melon (>=0.1.10 <=0.1.17) +4 more potentially affected by CVE-2025-3158 via pyassimp (=5.2.5)
pyassimp PYPI version =5.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on pyassimp and may be impacted: - fable3d =1.0.0, =0.1.10, =0.2.1, =0.2.14, =0.1.4, =0.2.0, =0.2.1 Source cves: CVE-2025-3158 Source advisory: OSV:PYSEC-2025-169...
gix-fs (>=0.1.0 <=0.9.1), gix-lock (>=5.0.0 <=12.0.1) +1 more potentially affected by CVE-2025-31130 via gix-features (>=0.29.0 <=0.37.2)
gix-features CARGO version =0.29.0, =0.1.0, =5.0.0, =5.0.3, =12.0.1 Source cves: CVE-2025-31130 Source advisory: OSV:RUSTSEC-2025-0021...
apss (>=0.1.0 <=0.3.0), hebo-mindspore (>=0.2.0 <=0.2.1) +12 more potentially affected by CVE-2025-3145 via mindspore (>=2.7.0 <=2.9.0)
mindspore PYPI version =2.7.0, =0.1.0, =0.2.0, =1.6.0, =0.2.0, =1.4.0, =0.0.12, =1.0.0, =0.0.1, =0.0.1, =0.1.0, =0.1.4 Source cves: CVE-2025-3145 Source advisory: SNYK:PYTHON-MINDSPORE-10361605...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25918 more potentially affected by CVE-2025-3136 via torch (>=1.0.0 <=2.9.1)
torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.0.16 - a1facts =0.2.6 and more Source cves: CVE-2025-3136 Source advisory: SNYK:PYTHON-TORCH-10337825...