Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

cargo Security Advisories

High

GSA_kwCzR0hTQS1qN2hwLWg4angtNXBwcs4AA10j

libwebp: OOB write in BuildHuffmanTable
Ecosystems: nuget, cargo, pypi, go, npm
Packages: magick.net-q8-x64, magick.net-q8-openmp-x64, magick.net-q8-anycpu, magick.net-q16-x64, magick.net-q16-hdri-anycpu, magick.net-q16-anycpu, webp, Pillow, github.com/chai2010/webp, SkiaSharp, electron, libwebp-sys, libwebp-sys2
Source: GitHub Advisory Database
Blast Radius: 130.8
Published: 8 months ago

Moderate

GSA_kwCzR0hTQS01ODQ0LXEzZmMtNTZyaM4AA3lZ

pubnub Insufficient Entropy vulnerability
Ecosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 5 months ago

High

Advisories: 18,361
Packages: 8,293
Repositories: 424
Ecosystems: 12

Filter by Severity

Moderate 7,925 High 6,355 Critical 2,807 Low 985

Filter by Ecosystem

maven 5,531 packagist 3,802 pypi 3,711 npm 3,543 go 1,895 nuget 1,390 rubygems 814 cargo 777 swift 31 hex 30 actions 16 pub 8

Filter by Package

openssl-src 26 ckb 22 wasmtime 16 rusqlite 16 deno 11 surrealdb 8 libpulse-binding 7 openssl 7 hyper 7 cranelift-codegen 6 Simple-Wayland-HotKey-Daemon 6 sized-chunks 6 smallvec 6 frontier 5 comrak 5 messagepack-rs 5 xcb 5 cargo 5 bottlerocket/update-operator 5 lock_api 5 deno_runtime 4 tauri 4 evm 4 tremor-script 4 apollo-router 4 raw-cpuid 4 tokio 4 actix-web 4 pleaser 4 apache-avro 3 fltk 3 nanorand 3 slice-deque 3 ammonia 3 crossbeam 3 s2n-quic 3 anoncreds-clsignatures 3 crossbeam-channel 3 h2 3 arr 3 arrow 3 routinator 3 id-map 3 ursa 3 solana_rbpf 3 cgc 3 grin 3 tough 3 acc_reader 3 flatbuffers 3 quiche 3 vec-const 2 simple-slab 2 image 2 pywasm3 2 wasm3 2 hyper-staticfile 2 russh 2 cache 2 metrics-util 2 libp2p-core 2 bronzedb-protocol 2 buffoon 2 rulex 2 inventory 2 tar 2 slack-morphism 2 stack_dst 2 evm-core 2 trust-dns-server 2 slock 2 toodee 2 internment 2 zerocopy 2 v9 2 signal-simple 2 tiny_future 2 rand_core 2 ncurses 2 pnet 2 arenavec 2 parc 2 derive-com-impl 2 bumpalo 2 streebog 2 abi_stable 2 failure 2 memoffset 2 ordnung 2 reorder 2 rust-embed 2 rdiff 2 rsa 2 rocket 2 ticketed_lock 2 opcua 2 csv-sniffer 2 traitobject 2 libgit2-sys 2 multiqueue 2 vm-memory 2 mopa 2 flumedb 2 http 2 binjs_io 2 ozone 2 Deno 2 bite 2 crayon 2 gfx-auxil 2 futures-util 2 lru 2 futures-task 2 sha2 2 tower-http 2 net2 2 array-macro 2 svix 2 columnar 2 nix 2 libsecp256k1 2 molecule 2 abomonation 2 sodiumoxide 2 syncpool 2 gix-transport 2 actix-http 2 ntpd 2 crypto2 2 generator 2 lettre 2 spin 2 tectonic_xdv 2 coreos-installer 2 ash 2 simple_asn1 2 async-h1 2 mio 2 oqs 2 ink_env 1 magick.net-q16-hdri-anycpu 1 branca 1 multihash 1 magick.net-q16-anycpu 1 blurhash 1 webp 1 iced-x86 1 bam 1 Pillow 1 github.com/chai2010/webp 1 diesel 1 actix-utils 1 SkiaSharp 1 electron 1 libwebp-sys 1 libwebp-sys2 1 security-framework 1 linked-hash-map 1 portaudio-rs 1 ripgrep 1 grep-cli 1 calamine 1 pqc_kyber 1 ark-r1cs-std 1 stackvector 1 arc-swap 1 better-macro 1 noise_search 1 model 1 pancurses 1 beef 1 async-coap 1 bigint 1 neon 1 serde_v8 1 perseus-actix-web 1 magick.net-q8-x64 1 magick.net-q8-openmp-x64 1 magick.net-q8-anycpu 1 vodozemac 1 tls-listener 1 self_cell 1 rmp-serde 1 hpack 1 vmm-sys-util 1 libdav1d-sys 1 transpose 1 whoami 1 wasmi 1 lzf 1 snow 1 trillium-client 1 tracing 1 crossbeam-utils 1 trillium-http 1 mail-internals 1 rustls-webpki 1 aliyundrive-webdav 1 aliyundrive-webdav 1 cassandra-cpp 1

Filter by Repository