Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi nautobot Security Advisories
Loading...
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
GSA_kwCzR0hTQS1yMmh3LTc0eHYtNGdxcM4AA2oV
Nautobot vulnerable to exposure of hashed user passwords via REST APIEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
GSA_kwCzR0hTQS04bWZxLWY1d2otdnc1bc4AAxw5
Nautobot vulnerable to remote code execution via Jinja2 template renderingEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: about 1 year ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 days ago
GSA_kwCzR0hTQS1qeGdyLWdjajUtY3FxZ84AA7cp
nautobot has reflected Cross-site Scripting potential in all object list viewsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 days ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 4 months ago
GSA_kwCzR0hTQS12NHh2LTc5NWgtcnY0aM4AA4oT
XSS potential in rendered Markdown fields (comments, description, notes, etc.)Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 4 months ago
High
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 6 months ago
GSA_kwCzR0hTQS1jZjlmLXdtaHAtdjRwcs4AA3U3
Cross-site Scripting potential in custom links, job buttons, and computed fieldsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 6 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
GSA_kwCzR0hTQS1tNzMyLXd2aDItN2NxNM4AA6R7
Unauthenticated views may expose information to anonymous usersEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 month ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 5 months ago
GSA_kwCzR0hTQS03NW1jLTNwamMtNzI3cc4AA3uo
Unauthenticated db-file-storage viewsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 5 months ago
Low
Ecosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 5 months ago
GSA_kwCzR0hTQS12ZjVtLXhyaG0tdjk5Oc4AA4AF
Nautobot missing object-level permissions enforcement when running Job ButtonsEcosystems: pypi
Packages: nautobot
Source: GitHub Advisory Database
Blast Radius: 5.9
Published: 5 months ago
Statistics
Advisories: 18,425
Packages: 8,309
Repositories: 1
Ecosystems: 12
Packages: 8,309
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
51
apache-superset
49
Plone
47
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
mlflow
31
opencv-contrib-python
30
opencv-python
30
Django
28
moin
23
langchain
18
PaddlePaddle
17
mercurial
17
cobbler
17
nova
17
pillow
16
keystone
16
cryptography
15
paddlepaddle
15
gradio
15
notebook
15
modoboa
14
pyftpdlib
14
pyload-ng
14
neutron
13
vantage6
12
OctoPrint
12
glance
11
urllib3
11
calibreweb
11
twisted
11
aiohttp
11
onionshare-cli
11
trytond
10
Flask-AppBuilder
10
wagtail
10
ethyca-fides
9
kiwitcms
9
ryu
9
Zope
9
zope
9
opencv-python-headless
9
opencv-contrib-python-headless
9
waitress
9
nautobot
8
label-studio
8
trac
8
aubio
8
numpy
8
python-keystoneclient
8
roundup
8
pip
7
matrix-sydent
7
jupyter-server
7
scrapy
7
pgadmin4
7
lief
7
pysaml2
7
swift
7
ipython
7
mailman
6
Zope2
6
apache-airflow-providers-apache-hive
6
horizon
6
sentry
6
lxml
6
mindsdb
6
graphite-web
6
inventree
6
web2py
6
tuf
6
lmdb
5
saleor
5
feedparser
5
Jinja2
5
requests
5
bleach
5
pyspark
5
python-gnupg
5
Products.CMFPlone
5
whoogle-search
5
cinder
5
ckan
5
Moin
5
paramiko
5
PyPDF2
4
omero-web
4
keylime
4
Pygments
4
reportlab
4
markdown2
4
Werkzeug
4
nvflare
4
yt-dlp
4
Radicale
4
Flask-Security-Too
4
pretix
4
datasette
4
ansible-core
4
Keystone
4
grpc
4
qutebrowser
4
nltk
4
tripleo-heat-templates
4
starlette
4
werkzeug
4
grpcio
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
jupyterhub
4
oauthenticator
4
jwcrypto
4
httpie
4
transformers
4
aws-iot-device-sdk-v2
4
awsiotsdk
4
buildbot
4
tornado
4
esphome
4
FreeTAKServer-UI
4
bottle
4
GitPython
4
mistune
3
copyparty
3
ansible-runner
3
fava
3
keystonemiddleware
3
asyncua
3
Nova
3
protobuf
3
rsa
3
wger
3
sanic
3
gerapy
3
flask
3
pandasai
3
apache-iotdb
3
barbican
3
keyring
3
mayan-edms
3
ajenti
3
Products.PluggableAuthService
3
openvpn-monitor
3
pywasm3
3
indico
3
aim
3
bitlyshortener
3
indy-node
3
ecdsa
3
streamlit
3
clearml
3
Mezzanine
3
docassemble.webapp
3
django-helpdesk
3
onnx
3
plone.supermodel
3
ray
3
mitmproxy
3
zenml
3
quokka
3
Kallithea
3
apache-libcloud
3
plone.app.dexterity
3
plone.app.theming
3
asyncssh
3
pyarrow
3
plone.app.event
3
io.grpc:grpc-protobuf
3
changedetection.io
3
SQLAlchemy
3
pyyaml
3
dulwich
3
sqlparse
3
httplib2
3
sosreport
3
localstack
3
poetry
3
homeassistant
3
pycrypto
3
sickrage
3
jupyterlab
3
octavia
3
torchserve
3
slixmpp
3
apache-airflow-providers-apache-spark
3
Weblate
3
ujson
3
python-jose
3
ctx
2
scalyr-agent-2
2
aws-encryption-sdk-cli
2
uvicorn
2
Filter by Repository