Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi vantage6 Security Advisories

High
GSA_kwCzR0hTQS13OWgyLXB4ODctNzR2eM4AA48x
vantage6 remote code execution vulnerability
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: 3 months ago
High
GSA_kwCzR0hTQS00dzU5LWMzZ2MtcnJocM4AAx3q
vantage6 refresh tokens do not expire
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 8.4
Published: about 1 year ago
High
GSA_kwCzR0hTQS01bTIyLWNmcTktODZ4Ns4AA2cN
Pickle serialization vulnerable to Deserialization of Untrusted Data
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS0zNmd4LTlxNmgtZzQyOc4AAx3o
vantage6 vulnerable to Observable Response Discrepancy
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS12dmp2LTk3ajgtOTR4aM4AAx3p
vantage6 vulnerable to Improper Preservation of Permissions
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: about 1 year ago
Moderate
GSA_kwCzR0hTQS0yd2djLTQ4ZzItY2o1d84AA48z
vantage6 has insecure SSH configuration for node and server containers
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.2
Published: 3 months ago
Moderate
GSA_kwCzR0hTQS03eDk0LTZnMm0tM2hwMs4AA2cP
Defining resource name as integer may give unintended access in vantage6
Ecosystems: pypi
Packages: vantage6-node, vantage6
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS1nYzU3LXhoaDUtbTk0cs4AA2cO
Improper Access Control in vantage6
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 7 months ago
Moderate
GSA_kwCzR0hTQS01aDN4LTZnd2YtNzNqbc4AA6B2
vantage6 vulnerable to a username timing attack on recover password/MFA token
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: about 2 months ago
Moderate
GSA_kwCzR0hTQS00OTQ2LTg1cHItZnZ4aM4AA6B1
vantage6's CORS settings overly permissive
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 4.0
Published: about 2 months ago
Low
GSA_kwCzR0hTQS1yZjU0LTdxcnItOTZqNs4AA2ea
vantage6 does not properly delete linked resources when deleting a collaboration
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: 7 months ago
Low
GSA_kwCzR0hTQS1yam12LTUybXAtZ2pycs4AA480
vantage6 may create unencrypted tasks in encrypted collaboration
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.3
Published: 3 months ago
Statistics
Advisories: 18,389
Packages: 8,298
Repositories: 1
Ecosystems: 12