Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi label-studio Security Advisories
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 3 months ago
GSA_kwCzR0hTQS1wNTl3LTlncXctd2o4cs4AA497
Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 3 months ago
GSA_kwCzR0hTQS1mcTIzLWc1OG0tNzk5cs4AA4qW
Cross-site Scripting Vulnerability on Data Import
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 10.3
Published: over 1 year ago
GSA_kwCzR0hTQS1wYzZmLTI1OXctdzNqNs4AAvKN
Heartex - Label Studio Community Edition vulnerable to SSRF in the Data Import module
Moderate
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 7.5
Published: 2 months ago
GSA_kwCzR0hTQS02eHY5LTk1N2otcWZoZ84AA5dt
Label Studio vulnerable to Cross-site Scripting if `<Choices>` or `<Labels>` are used in labeling config
High
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 6 months ago
GSA_kwCzR0hTQS02aGpqLWdxNzctajRxd84AA3GL
Label Studio Object Relational Mapper Leak Vulnerability in Filtering Task
High
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: about 1 year ago
GSA_kwCzR0hTQS1jcG1yLW13NGotOTlyN84AAyUM
Nginx alias path traversal allows unauthenticated attackers to read all files on /label_studio/core/
High
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 11.3
Published: 3 months ago
GSA_kwCzR0hTQS1xNjhoLXh3cTUtbW03eM4AA4qV
Cross-site Scripting Vulnerability on Avatar Upload
Critical
Ecosystems: pypi
Packages: label-studio
Source: GitHub Advisory Database
Blast Radius: 15.6
Published: 6 months ago
GSA_kwCzR0hTQS1mNDc1LXg4M20tcng1bc4AA3Ax
Label Studio has Hardcoded Django `SECRET_KEY` that can be Abused to Forge Session Tokens
Statistics
Advisories: 18,369
Packages: 8,294
Repositories: 2
Ecosystems: 12