Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pub Security Advisories

Loading...
Moderate
GSA_kwCzR0hTQS1yNzVtLTI2Y3EtbWp4Y84AA6ax
Serverpod improved security for stored password hashes
Ecosystems: pub
Packages: serverpod_auth_server
Source: GitHub Advisory Database
Blast Radius: 3.2
Published: 4 months ago
High
GSA_kwCzR0hTQS1oNng3LXI1cmcteDVmd84AA6aw
Serverpod client accepts any certificate
Ecosystems: pub
Packages: serverpod_client
Source: GitHub Advisory Database
Blast Radius: 9.3
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS01ODQ0LXEzZmMtNTZyaM4AA3lZ
pubnub Insufficient Entropy vulnerability
Ecosystems: swift, pypi, pub, packagist, cargo, rubygems, nuget, go, maven, npm
Packages: github.com/pubnub/swift, pubnub, pubnub/pubnub, Pubnub, github.com/pubnub/go/v5, github.com/pubnub/go/v6, github.com/pubnub/go, github.com/pubnub/go/v7, com.pubnub:pubnub, com.pubnub:pubnub-kotlin
Source: GitHub Advisory Database
Blast Radius: 82.5
Published: 8 months ago
High
GSA_kwCzR0hTQS1yMjg1LXE3MzYtOXY5Nc4AA1lT
Filename spoofing in archive
Ecosystems: pub
Packages: archive
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: 11 months ago
High
GSA_kwCzR0hTQS05djg1LXE4N3EtZzR2Z84AA1lV
Path traversal in Archive
Ecosystems: pub
Packages: archive
Source: GitHub Advisory Database
Blast Radius: 37.0
Published: 11 months ago
High
GSA_kwCzR0hTQS05MzI0LWp2NTMtOWNjOM4AAyNs
dio vulnerable to CRLF injection with HTTP method string
Ecosystems: pub
Packages: dio
Source: GitHub Advisory Database
Blast Radius: 32.7
Published: over 1 year ago
Low
GSA_kwCzR0hTQS00eGg0LXYycHEtanZobc4AAu6V
personnummer/dart vulnerable to Improper Input Validation
Ecosystems: pub
Packages: personnummer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
GSA_kwCzR0hTQS00cmdoLWp4NGYtcWZjcc4AAm_b
http before 0.13.3 vulnerable to header injection
Ecosystems: pub
Packages: http
Source: GitHub Advisory Database
Blast Radius: 30.7
Published: about 2 years ago