Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

hex Security Advisories

Loading...
High
GSA_kwCzR0hTQS1wOGY3LTIyZ3EtbTdqOc4AAvXo
Phoenix before 1.6.14 mishandles check_origin wildcarding
Ecosystems: hex
Packages: phoenix
Source: GitHub Advisory Database
Published: 8 months ago
Critical
GSA_kwCzR0hTQS02eDY1LXZxcDctNXI2M84AAR2T
alchemist.vim vulnerable to remote code execution
Ecosystems: hex
Packages: alchemist.vim
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS14eDM2LTZydjQtZ2o4cs4AAqnc
ecdsa-elixir fails to check signatures, vulnerable to message forging
Ecosystems: hex
Packages: ecdsa-elixir
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS01djV3LTQ0dzYtcTVods4AAepF
Erlang Solutions MongooseIM vulnerable to denial of service (DoS) via crafted XMPP stream
Ecosystems: hex
Packages: MongooseIM
Source: GitHub Advisory Database
Published: about 1 year ago
Low
GSA_kwCzR0hTQS1oM2doLTk3OHItNzQ3d84AATUz
puppetlabs-rabbitmq allows local users to obtain sensitive information
Ecosystems: hex
Packages: puppetlabs-rabbitmq
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS01NjUzLTQzN2YtNWhtY806oQ
Denial of service
Ecosystems: hex
Packages: pow_assent
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS12MndmLWMzajYtd3B2d806oA
Session fixation
Ecosystems: hex
Packages: pow
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS05aDczLXc3Y2gtcmg3M806nw
Header Injection
Ecosystems: hex
Packages: plug
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS0ycTZ2LTMybXItOHA4eM06nQ
Null Byte Injection in Plug.Static
Ecosystems: hex
Packages: plug
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS01Y2h4LWdnMjUtdjM3bc06nA
Cross-site Scripting in xain
Ecosystems: hex
Packages: xain
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS13OThtLTJ4cWctOWN2as06lw
Remote Code Execution in paginator
Ecosystems: hex
Packages: paginator
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1qM2dnLXI2Z3AtOTVxMs06mQ
XSS in HEEx class attributes
Ecosystems: hex
Packages: phoenix_html
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0yeHh4LWZoYzgtOXF2cc06mA
Missing `is_nil` requirement
Ecosystems: hex
Packages: ecto
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1tcnE4LTUzcjQtM2o1bc0m4g
Permissive parameters and privilege escalation
Ecosystems: hex
Packages: coherence
Source: GitHub Advisory Database
Published: over 1 year ago
Critical
GSA_kwCzR0hTQS00cjJmLTZmbTktMnFnaM4AAw1-
Ecto lacks a protection mechanism
Ecosystems: hex
Packages: ecto
Source: GitHub Advisory Database
Published: 5 months ago
Moderate
GSA_kwCzR0hTQS01ZzJoLTl4NXYtNWgzeM4AAw18
phoenix_html allows Cross-site Scripting in HEEx class attributes
Ecosystems: hex, npm
Packages: phoenix_html
Source: GitHub Advisory Database
Published: 5 months ago
Low
GSA_kwCzR0hTQS05cGY3LWY0N3EtbXdwcc4AAiwc
Cross-site Scripting in RabbitMQ
Ecosystems: hex
Packages: rabbit_common
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1xcG1jLXdwcnYteDc0Ns06og
Inline DTD allows XML bomb attack
Ecosystems: hex
Packages: sweet_xml
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS01djRtLWM3M3YtYzdncc06ng
Arbitrary Code Execution in Cookie Serialization
Ecosystems: hex
Packages: plug
Source: GitHub Advisory Database
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS1jbWZoLThmOHItZmo5Ns06mw
Arbitrary URL Redirect
Ecosystems: hex
Packages: phoenix
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1ocmZoLTdqNWYtOGNjcs4AAiwj
Pivotal RabbitMQ is vulnerable to a denial of service attack
Ecosystems: hex
Packages: RabbitMQ
Source: GitHub Advisory Database
Published: about 1 year ago
Filter by Severity
Moderate 5,145 High 4,556 Critical 2,099 Low 676
Filter by Ecosystem
maven 3,859 npm 3,126 pypi 2,605 packagist 1,696 go 1,243 nuget 939 rubygems 711 cargo 640 hex 21 actions 10 pub 5
Filter by Package
plug 3 phoenix 2 ecto 2 phoenix_html 2 coherence 1 RabbitMQ 1 phoenix_html 1 paginator 1 sweet_xml 1 xain 1 pow 1 pow_assent 1 rabbit_common 1 MongooseIM 1 puppetlabs-rabbitmq 1 alchemist.vim 1 ecdsa-elixir 1