Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi Security Advisories
Loading...
Low
Ecosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 7 months ago
GSA_kwCzR0hTQS1mYzc1LTU4cjgtcm0zaM4AA2kA
Wagtail vulnerable to disclosure of user names via admin bulk action viewsEcosystems: pypi
Packages: wagtail
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: torbot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
GSA_kwCzR0hTQS03MnF3LXA3aGgtbTNmZs4AA2ju
TorBot vulnerable to Inefficient Regular Expression Complexity in validate_linkEcosystems: pypi
Packages: torbot
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 7 months ago
High
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: 7 months ago
GSA_kwCzR0hTQS02NTV3LWZtOG0tbTQ3OM4AA2ja
LangChain Server Side Request Forgery vulnerabilityEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 37.6
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: 7 months ago
GSA_kwCzR0hTQS1nNG14LXE5dmctMjdwNM4AA2gt
urllib3's request body not stripped after redirect from 303 status changes request method to GETEcosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: 7 months ago
Low
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: 7 months ago
GSA_kwCzR0hTQS1yZjU0LTdxcnItOTZqNs4AA2ea
vantage6 does not properly delete linked resources when deleting a collaborationEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 3.5
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: 7 months ago
GSA_kwCzR0hTQS1nd3ZtLTQ1Z3gtM2NmOM4AA2c6
Authorization Header forwarded on redirectEcosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 34.3
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 7 months ago
GSA_kwCzR0hTQS1qM3c4LTJwMmgtbXJyOc4AA2ci
Apache Airflow vulnerable to privilege escalationEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 7 months ago
GSA_kwCzR0hTQS1jZ3gyLXJybXItang0M84AA2ch
Apache Airflow vulnerable to sensitive information exposure when users list warnings for all DAGsEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 7 months ago
GSA_kwCzR0hTQS1mcHh4LXh2NGMtZ3hxcM4AA2cj
Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-onlyEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 7 months ago
GSA_kwCzR0hTQS0zMndyLXFxdzYtNW1mcM4AA2cg
Apache Airflow vulnerable to sensitive information exposureEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: pyminizip
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: 7 months ago
GSA_kwCzR0hTQS1tcTI5LWo1eGYtY2p3cs4AA2cZ
pyminizip affected by zlib's integer overflow/heap based buffer overflow vulnerability due to vulnerable dependencyEcosystems: pypi
Packages: pyminizip
Source: GitHub Advisory Database
Blast Radius: 21.2
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vantage6-node, vantage6
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 7 months ago
GSA_kwCzR0hTQS03eDk0LTZnMm0tM2hwMs4AA2cP
Defining resource name as integer may give unintended access in vantage6Ecosystems: pypi
Packages: vantage6-node, vantage6
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 7 months ago
GSA_kwCzR0hTQS1nYzU3LXhoaDUtbTk0cs4AA2cO
Improper Access Control in vantage6Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 7 months ago
High
Ecosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
GSA_kwCzR0hTQS01bTIyLWNmcTktODZ4Ns4AA2cN
Pickle serialization vulnerable to Deserialization of Untrusted DataEcosystems: pypi
Packages: vantage6
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
GSA_kwCzR0hTQS01Y2hyLXdqdzUtM2dxNM4AA2X1
matrix-synapse vulnerable to denial of service due to malicious server ACL eventsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 6.9
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 7 months ago
GSA_kwCzR0hTQS1md2ZnLXZwcmgtOTdwaM4AA2Xz
OctoPrint vulnerable to Improper Neutralization of Special Elements Used in a Template EngineEcosystems: pypi
Packages: OctoPrint
Source: GitHub Advisory Database
Blast Radius: 5.1
Published: 7 months ago
Moderate
Ecosystems: pypi, maven, nuget
Packages: commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
GSA_kwCzR0hTQS12bTJtLTdocHctZnBtcc4AA2XX
Microsoft Common Data Model SDK Denial of Service VulnerabilityEcosystems: pypi, maven, nuget
Packages: commondatamodel-objectmodel, com.microsoft.commondatamodel:objectmodel, Microsoft.CommonDataModel.ObjectModel
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 7 months ago
Critical
Ecosystems: pypi
Packages: langchain-experimental
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 7 months ago
GSA_kwCzR0hTQS1nampyLTYzeDQtdjhjcc4AA2Tu
langchain_experimental vulnerable to arbitrary code execution via PALChain in the python exec methodEcosystems: pypi
Packages: langchain-experimental
Source: GitHub Advisory Database
Blast Radius: 22.7
Published: 7 months ago
High
Ecosystems: pypi
Packages: webp
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
GSA_kwCzR0hTQS1mOXBtLTRnOXAtNnZtM84AA2Rp
Bundled libwebp in pywebp vulnerableEcosystems: pypi
Packages: webp
Source: GitHub Advisory Database
Blast Radius: 12.9
Published: 7 months ago
High
Ecosystems: pypi
Packages: ni-measurementlink-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS0zZjQ4LTlqN3EtcTJnds4AA2Qr
NI MeasurementLink Python Services Improper Access Restriction vulnerabilityEcosystems: pypi
Packages: ni-measurementlink-service
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: imagecodecs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS05NHZjLXA4dzctNXA0Oc4AA2QD
Bundled libwebp in imagecodecs vulnerableEcosystems: pypi
Packages: imagecodecs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS01NnB3LW1wajQtZnh3d84AA2QC
Bundled libwebp in Pillow vulnerableEcosystems: pypi
Packages: pillow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Low
Ecosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: 8 months ago
GSA_kwCzR0hTQS1tNzU1LWd4eGctcjVxaM4AA2Pw
Zope management interface vulnerable to stored cross site scripting via the title propertyEcosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 6.4
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: ansible-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: 8 months ago
GSA_kwCzR0hTQS13dzNtLWZmcm0tcXZxds4AA2Ph
Ansible may expose private keyEcosystems: pypi
Packages: ansible-core
Source: GitHub Advisory Database
Blast Radius: 21.6
Published: 8 months ago
High
Ecosystems: pypi
Packages: asyncua
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 months ago
GSA_kwCzR0hTQS0yODk0LXFjcWYtZzIzZ84AA2Ml
asyncua Improper Authentication vulnerabilityEcosystems: pypi
Packages: asyncua
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 months ago
High
Ecosystems: pypi
Packages: asyncua
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 months ago
GSA_kwCzR0hTQS1nZnZxLW14dzMtbWZxM84AA2Mo
asyncua vulnerable to denial of service via infinite loopEcosystems: pypi
Packages: asyncua
Source: GitHub Advisory Database
Blast Radius: 12.5
Published: 8 months ago
High
Ecosystems: pypi
Packages: opentelemetry-instrumentation
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: 8 months ago
GSA_kwCzR0hTQS01cnY1LTZoNHItaDIyds4AA2ME
opentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metricsEcosystems: pypi
Packages: opentelemetry-instrumentation
Source: GitHub Advisory Database
Blast Radius: 24.7
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 8 months ago
GSA_kwCzR0hTQS12ODQ1LWp4eDUtdmM5Zs4AA2MD
`Cookie` HTTP header isn't stripped on cross-origin redirectsEcosystems: pypi
Packages: urllib3
Source: GitHub Advisory Database
Blast Radius: 33.2
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: pretix
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 8 months ago
GSA_kwCzR0hTQS1qOWdxLXc3M3ctOWg2Y84AA2L3
pretix potential IP address spoofing vulnerabilityEcosystems: pypi
Packages: pretix
Source: GitHub Advisory Database
Blast Radius: 4.8
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 8 months ago
GSA_kwCzR0hTQS04ZnhyLXFmcjktcDM0d84AA2Lz
TorchServe Server-Side Request Forgery vulnerabilityEcosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.3
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 8 months ago
GSA_kwCzR0hTQS00bXFnLWg1amYtajltN84AA2Ly
TorchServe Pre-Auth Remote Code ExecutionEcosystems: pypi
Packages: torchserve
Source: GitHub Advisory Database
Blast Radius: 20.8
Published: 8 months ago
High
Ecosystems: pypi, maven
Packages: avro, org.apache.avro:avro
Source: GitHub Advisory Database
Blast Radius: 54.2
Published: 8 months ago
GSA_kwCzR0hTQS1yaHJ2LTY0NWgtZmpmaM4AA2Jb
Apache Avro Java SDK vulnerable to Improper Input ValidationEcosystems: pypi, maven
Packages: avro, org.apache.avro:avro
Source: GitHub Advisory Database
Blast Radius: 54.2
Published: 8 months ago
High
Ecosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: 8 months ago
GSA_kwCzR0hTQS1jNHJ2LTJqNngtcHE3eM4AA2JC
Rdiffweb Allocation of Resources Without Limits or Throttling vulnerabilityEcosystems: pypi
Packages: rdiffweb
Source: GitHub Advisory Database
Blast Radius: 4.2
Published: 8 months ago
High
Ecosystems: pypi
Packages: pretix
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: 8 months ago
GSA_kwCzR0hTQS05anZ4LXA2bXEtZnc0ds4AA2Ij
pretix allows Pillow to parse EPS filesEcosystems: pypi
Packages: pretix
Source: GitHub Advisory Database
Blast Radius: 7.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: pydash
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 8 months ago
GSA_kwCzR0hTQS04bWpyLTZjOTYtMzl3OM4AA2Hh
pydash Command Injection vulnerabilityEcosystems: pypi
Packages: pydash
Source: GitHub Advisory Database
Blast Radius: 21.9
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 months ago
GSA_kwCzR0hTQS1jeDJxLWhmeHItcmo5N84AA2C3
Vyper's `_abi_decode` input not validated in complex expressionsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 months ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 8 months ago
GSA_kwCzR0hTQS03NTY1LWNxMzItdngyeM4AA2C2
matrix-synapse vulnerable to improper validation of receipts allows forged read receiptsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 4.4
Published: 8 months ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 8 months ago
GSA_kwCzR0hTQS00Zjc0LTg0djMtajlxNc4AA2C1
matrix-synapse vulnerable to temporary storage of plaintext passwords during password changesEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Blast Radius: 5.2
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: searchor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS02Nm0yLTQ5M20tY3JoMs4AA2CV
Searchor CLI's Search vulnerable to Arbitrary Code using EvalEcosystems: pypi
Packages: searchor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 8 months ago
GSA_kwCzR0hTQS00Mmg0LXYyOXItNDJxZ84AA2Bw
yt-dlp on Windows vulnerable to `--exec` command injection when using `%q`Ecosystems: pypi
Packages: yt-dlp
Source: GitHub Advisory Database
Blast Radius: 29.8
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 8 months ago
GSA_kwCzR0hTQS14N20zLWpwcmctd2M1Z84AA2Bl
Gevent allows remote attacker to escalate privilegesEcosystems: pypi
Packages: gevent
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: barbican
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: 8 months ago
GSA_kwCzR0hTQS02cng5LWMycmgtM3F2NM4AA2A7
OpenStack Barbican information disclosure vulnerabilityEcosystems: pypi
Packages: barbican
Source: GitHub Advisory Database
Blast Radius: 2.9
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: barbican
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: 8 months ago
GSA_kwCzR0hTQS02cXFwLTR2bTMtMzU5ds4AA2A5
OpenStack Barbican credential leak flawEcosystems: pypi
Packages: barbican
Source: GitHub Advisory Database
Blast Radius: 3.1
Published: 8 months ago
High
Ecosystems: pypi
Packages: openstack-heat
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 8 months ago
GSA_kwCzR0hTQS01ODM2LWdyY2MtOGo4Oc4AA2A4
OpenStack Heat information leak vulnerabilityEcosystems: pypi
Packages: openstack-heat
Source: GitHub Advisory Database
Blast Radius: 7.7
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 8 months ago
GSA_kwCzR0hTQS1naHA4LTUydngtNzdqNM4AA2Al
pgAdmin failed to properly control the server codeEcosystems: pypi
Packages: pgadmin4
Source: GitHub Advisory Database
Blast Radius: 10.2
Published: 8 months ago
Low
Ecosystems: pypi
Packages: plone.restapi
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 8 months ago
GSA_kwCzR0hTQS1oYzVjLXI4bTUtMmdmaM4AA1_4
plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portraitEcosystems: pypi
Packages: plone.restapi
Source: GitHub Advisory Database
Blast Radius: 8.0
Published: 8 months ago
Low
Ecosystems: pypi
Packages: plone.namedfile
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 8 months ago
GSA_kwCzR0hTQS1qajdjLWpydjQtYzY1eM4AA1_2
plone.namedfile vulnerable to Stored Cross Site Scripting with SVG imagesEcosystems: pypi
Packages: plone.namedfile
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 8 months ago
Low
Ecosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS12OGdyLW01MzMtZ2hqOc4AA1_w
Vulnerable OpenSSL included in cryptography wheelsEcosystems: pypi
Packages: cryptography
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: pypi
Packages: plone.rest
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: 8 months ago
GSA_kwCzR0hTQS1oNnJwLW1wcm0teGdjcc4AA1_v
plone.rest vulnerable to Denial of Service when ++api++ is used many timesEcosystems: pypi
Packages: plone.rest
Source: GitHub Advisory Database
Blast Radius: 8.6
Published: 8 months ago
Low
Ecosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 8 months ago
GSA_kwCzR0hTQS13bThxLTk5NzUteGg1ds4AA1_u
Zope vulnerable to Stored Cross Site Scripting with SVG imagesEcosystems: pypi
Packages: Zope
Source: GitHub Advisory Database
Blast Radius: 7.6
Published: 8 months ago
High
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: 8 months ago
GSA_kwCzR0hTQS1jNjQ3LXB4bTItYzUyd84AA1-0
Vyper vulnerable to memory corruption in certain builtins utilizing `msize`Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: 8 months ago
High
Ecosystems: pypi
Packages: GeoNode
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 8 months ago
GSA_kwCzR0hTQS1weGc1LWgzNHItN3E4cM4AA1-z
GeoNode vulnerable to SSRF Bypass to return internal host dataEcosystems: pypi
Packages: GeoNode
Source: GitHub Advisory Database
Blast Radius: 10.4
Published: 8 months ago
Critical
Ecosystems: pypi
Packages: reportlab
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 8 months ago
GSA_kwCzR0hTQS1wajk4LTJ4ZjYtY2ZmNc4AA19n
ReportLab vulnerable to remote code execution via paraparserEcosystems: pypi
Packages: reportlab
Source: GitHub Advisory Database
Blast Radius: 40.5
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 months ago
GSA_kwCzR0hTQS0zaGcyLXI3NXgtZzY5bc4AA17W
Vyper has incorrect re-entrancy lock when key is empty stringEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: 8 months ago
GSA_kwCzR0hTQS12NHE5LXFncWYtN2p3cM4AA15s
Gradio arbitrary file upload vulnerabilityEcosystems: pypi
Packages: gradio
Source: GitHub Advisory Database
Blast Radius: 19.6
Published: 8 months ago
High
Ecosystems: pypi
Packages: apache-airflow-providers-apache-hdfs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: 8 months ago
GSA_kwCzR0hTQS01aGo5LW03NmcteHJjOM4AA13e
Apache HDFS Provider error message suggestedEcosystems: pypi
Packages: apache-airflow-providers-apache-hdfs
Source: GitHub Advisory Database
Blast Radius: 9.4
Published: 8 months ago
High
Ecosystems: pypi, rubygems
Packages: grpcio, grpc
Source: GitHub Advisory Database
Blast Radius: 61.2
Published: 8 months ago
GSA_kwCzR0hTQS1wMjVtLWpwajQtcWNycs4AA127
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)Ecosystems: pypi, rubygems
Packages: grpcio, grpc
Source: GitHub Advisory Database
Blast Radius: 61.2
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 8 months ago
GSA_kwCzR0hTQS1tanFoLXY1ZjItZzJtd84AA11j
Apache Airflow information exposure vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 20.7
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 8 months ago
GSA_kwCzR0hTQS13cGc4LW1mNmgtZ205Ms4AA11i
Apache Airflow Incorrect Authorization vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 13.7
Published: 8 months ago
High
Ecosystems: nuget, cargo, pypi, go, npm
Packages: magick.net-q8-x64, magick.net-q8-openmp-x64, magick.net-q8-anycpu, magick.net-q16-x64, magick.net-q16-hdri-anycpu, magick.net-q16-anycpu, webp, Pillow, github.com/chai2010/webp, SkiaSharp, electron, libwebp-sys, libwebp-sys2
Source: GitHub Advisory Database
Blast Radius: 130.8
Published: 8 months ago
GSA_kwCzR0hTQS1qN2hwLWg4angtNXBwcs4AA10j
libwebp: OOB write in BuildHuffmanTableEcosystems: nuget, cargo, pypi, go, npm
Packages: magick.net-q8-x64, magick.net-q8-openmp-x64, magick.net-q8-anycpu, magick.net-q16-x64, magick.net-q16-hdri-anycpu, magick.net-q16-anycpu, webp, Pillow, github.com/chai2010/webp, SkiaSharp, electron, libwebp-sys, libwebp-sys2
Source: GitHub Advisory Database
Blast Radius: 130.8
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: piccolo
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: 8 months ago
GSA_kwCzR0hTQS1oN2NtLW1ydnEtd2Nmcs4AA10c
Piccolo's current `BaseUser.login` implementation is vulnerable to time based user enumerationEcosystems: pypi
Packages: piccolo
Source: GitHub Advisory Database
Blast Radius: 9.6
Published: 8 months ago
Low
Ecosystems: pypi, maven
Packages: wiremock, com.github.tomakehurst:wiremock-jre8-standalone, com.github.tomakehurst:wiremock-jre8, org.wiremock:wiremock, org.wiremock:wiremock-standalone
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
GSA_kwCzR0hTQS1wbXhxLXBqNDctajhqNM4AA1xF
Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio webhooks, proxy and recorder modesEcosystems: pypi, maven
Packages: wiremock, com.github.tomakehurst:wiremock-jre8-standalone, com.github.tomakehurst:wiremock-jre8, org.wiremock:wiremock, org.wiremock:wiremock-standalone
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 8 months ago
High
Ecosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
GSA_kwCzR0hTQS1wNnAyLXFxOTUtdnE1aM4AA1v9
Remote Code Execution in Custom Integration UploadEcosystems: pypi
Packages: ethyca-fides
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: Zope, AccessControl
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: 8 months ago
GSA_kwCzR0hTQS04eHY3LTg5dmotcTQ4Y84AA1v6
Information disclosure in AccessControlEcosystems: pypi
Packages: Zope, AccessControl
Source: GitHub Advisory Database
Blast Radius: 14.0
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 8 months ago
GSA_kwCzR0hTQS1mbTRxLWo4ZzQtYzlqNM4AA1vN
Apache Superset Improper Input Validation vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.7
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
GSA_kwCzR0hTQS05NWNoLXAzZ3ctMjNxZ84AA1vM
Apache Superset has incorrect authorization checkEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 8 months ago
GSA_kwCzR0hTQS1majR4LW02Mmotd3Z3Z84AA1vL
Apache Superset Deserialization of Untrusted Data vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 8.9
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
GSA_kwCzR0hTQS00Zmc5LTV3NDYteG1yas4AA1u4
Apache Superset Server Side Request Forgery vulnerabilityEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 8 months ago
GSA_kwCzR0hTQS05ODMyLW1nZzQtM2dyNs4AA1um
Apache Superset has improper default REST API permission for Gamma usersEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 7.2
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: 8 months ago
GSA_kwCzR0hTQS12NTk0LTJjOTctaHgzOM4AA1ut
Apache Superset vulnerable to improper data authorizationEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 6.7
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
GSA_kwCzR0hTQS1jcHZ4LTIzNjUtNDY2Y84AA1un
Apache Superset may expose internal traces on REST API endpointsEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
GSA_kwCzR0hTQS05cWMzLXA5anEtMngyN84AA1up
Apache Superset users may incorrectly create resources using the import charts featureEcosystems: pypi
Packages: apache-superset
Source: GitHub Advisory Database
Blast Radius: 5.8
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1mNHI1LXE2M2YtZ2N3d84AA1uk
Keylime registrar and (untrusted) Agent can be bypassed by an attackerEcosystems: pypi
Packages: keylime
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 9 months ago
GSA_kwCzR0hTQS1xdmg2LTNqN3gtM2hxN84AA1sa
Salt can cause Git Providers to get wrong dataEcosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 11.1
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: 9 months ago
GSA_kwCzR0hTQS12cGpnLXdtZjgtMjloOc4AA1sb
Salt vulnerable to denial of serviceEcosystems: pypi
Packages: salt
Source: GitHub Advisory Database
Blast Radius: 13.9
Published: 9 months ago
Low
Ecosystems: pypi
Packages: hyper-bump-it
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS14YzI3LWY5cTMtNDQ0OM4AA1rH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-itEcosystems: pypi
Packages: hyper-bump-it
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 9 months ago
GSA_kwCzR0hTQS00aGc0LTltZjUtd3h4cc4AA1rF
incorrect order of evaluation of side effects for some builtinsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 9 months ago
GSA_kwCzR0hTQS1nMnhoLWM0MjYtdjhtZs4AA1rE
Vyper: reversed order of side effects for some operationsEcosystems: pypi
Packages: vyper
Source: GitHub Advisory Database
Blast Radius: 12.6
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
GSA_kwCzR0hTQS1mNzN3LTRtN2ctY2g5eM4AA1n1
Langchain vulnerable to arbitrary code execution via the evaluate function in the numexpr libraryEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
High
Ecosystems: pypi
Packages: RestrictedPython
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 9 months ago
GSA_kwCzR0hTQS14ancyLTZqbTktcmY2N84AA1lM
Sandbox escape via various forms of "format".Ecosystems: pypi
Packages: RestrictedPython
Source: GitHub Advisory Database
Blast Radius: 23.7
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 9 months ago
GSA_kwCzR0hTQS1jd3ZtLXY0dzgtcTU4Y84AA1lK
Blind local file inclusionEcosystems: pypi
Packages: GitPython
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: borgbackup
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 9 months ago
GSA_kwCzR0hTQS04ZmpyLWhnaHItNG05Oc4AA1lJ
Archive spoofing vulnerability in borgbackupEcosystems: pypi
Packages: borgbackup
Source: GitHub Advisory Database
Blast Radius: 9.0
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: jupyter-server
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: 9 months ago
GSA_kwCzR0hTQS1yNzI2LXZtZnEtajlqM84AA1jZ
Open Redirect Vulnerability in jupyter-serverEcosystems: pypi
Packages: jupyter-server
Source: GitHub Advisory Database
Blast Radius: 23.6
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: jupyter-server
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 9 months ago
GSA_kwCzR0hTQS02NHg1LTU1cnctOTk3NM4AA1jY
cross-site inclusion (XSSI) of files in jupyter-serverEcosystems: pypi
Packages: jupyter-server
Source: GitHub Advisory Database
Blast Radius: 17.8
Published: 9 months ago
High
Ecosystems: pypi
Packages: gitpython
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 9 months ago
GSA_kwCzR0hTQS13Zm01LXYzNWgtdndmNM4AA1jX
GitPython untrusted search path on Windows systems leading to arbitrary code executionEcosystems: pypi
Packages: gitpython
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: zbar
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 9 months ago
GSA_kwCzR0hTQS1taHA2LWp2cHgtMnA0bc4AA1jD
Heap-based buffer overflow in ZBarEcosystems: pypi
Packages: zbar
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: 9 months ago
High
Ecosystems: pypi
Packages: apache-airflow-providers-apache-spark
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 9 months ago
GSA_kwCzR0hTQS04cTI4LXB3OWctdzgyY84AA1hs
Apache Airflow vulnerable arbitrary code execution via Spark serverEcosystems: pypi
Packages: apache-airflow-providers-apache-spark
Source: GitHub Advisory Database
Blast Radius: 16.2
Published: 9 months ago
High
Ecosystems: pypi
Packages: apache-airflow-providers-apache-sqoop
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 9 months ago
GSA_kwCzR0hTQS1nM205LXByNW0tNGN2cM4AA1hq
Airflow Sqoop Provider RCE VulnerabilityEcosystems: pypi
Packages: apache-airflow-providers-apache-sqoop
Source: GitHub Advisory Database
Blast Radius: 9.8
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: pyramid
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: 9 months ago
GSA_kwCzR0hTQS1qOGcyLTZmYzctcThmOM4AA1gY
Pyramid static view path traversal up one directoryEcosystems: pypi
Packages: pyramid
Source: GitHub Advisory Database
Blast Radius: 19.2
Published: 9 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: 9 months ago
GSA_kwCzR0hTQS1wbTg3LTI0d3Etcjh3Oc4AA1eM
Apache Airflow Session Fixation vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 25.5
Published: 9 months ago
High
Ecosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: 9 months ago
GSA_kwCzR0hTQS14Mm1oLThmbWMtcnFnaM4AA1eL
Apache Airflow denial of service vulnerabilityEcosystems: pypi
Packages: apache-airflow
Source: GitHub Advisory Database
Blast Radius: 25.9
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: apache-airflow, apache-airflow-providers-imap, apache-airflow-providers-smtp
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 9 months ago
GSA_kwCzR0hTQS01ZjM1LXBxMzQtYzg3cc4AA1eK
Apache Airflow missing Certificate ValidationEcosystems: pypi
Packages: apache-airflow, apache-airflow-providers-imap, apache-airflow-providers-smtp
Source: GitHub Advisory Database
Blast Radius: 18.8
Published: 9 months ago
High
Ecosystems: pypi
Packages: json2xml
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: 9 months ago
GSA_kwCzR0hTQS04cmo1LTI4NTctODc3as4AA1d8
json2xml Uncaught Exception vulnerabilityEcosystems: pypi
Packages: json2xml
Source: GitHub Advisory Database
Blast Radius: 14.2
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
GSA_kwCzR0hTQS03Z2ZxLWY5NmYtZzg1as4AA1dI
langchain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: horizon
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 9 months ago
GSA_kwCzR0hTQS01cHY2LXJwcnctODJ3ds4AA1bH
Horizon Web Dashboard Open Redirect vulnerabilityEcosystems: pypi
Packages: horizon
Source: GitHub Advisory Database
Blast Radius: 11.9
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: datasette
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 9 months ago
GSA_kwCzR0hTQS03Y2gzLTdwcDctN2Nwcc4AA1at
Datasette 1.0 alpha series leaks names of databases and tables to unauthenticated usersEcosystems: pypi
Packages: datasette
Source: GitHub Advisory Database
Blast Radius: 13.0
Published: 9 months ago
High
Ecosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS13ODMyLXYzYzYtbTZyZ84AA1aR
pandasai vulnerable to prompt injectionEcosystems: pypi
Packages: pandasai
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
High
Ecosystems: pypi
Packages: apache-airflow-providers-apache-spark
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 9 months ago
GSA_kwCzR0hTQS1yMmY2LTY5MjgtZmg4Zs4AA1XP
Apache Airflow Spark Provider Improper Input Validation vulnerabilityEcosystems: pypi
Packages: apache-airflow-providers-apache-spark
Source: GitHub Advisory Database
Blast Radius: 13.8
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: scancodeio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
GSA_kwCzR0hTQS02eGN4LWd4N3ItcmNjas4AA1Ui
Scancode.io Reflected Cross-Site Scripting (XSS) in license endpointEcosystems: pypi
Packages: scancodeio
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 9 months ago
Critical
Ecosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
GSA_kwCzR0hTQS1majMyLXE2MjYtcGpqY84AA1UA
LangChain vulnerable to arbitrary code executionEcosystems: pypi
Packages: langchain
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: 9 months ago
Statistics
Advisories: 18,774
Packages: 8,381
Repositories: 779
Ecosystems: 12
Packages: 8,381
Repositories: 779
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
432
tensorflow-cpu
387
tensorflow-gpu
384
django
80
apache-airflow
78
ansible
63
salt
53
Plone
52
apache-superset
49
nova
45
plone
43
rdiffweb
42
Pillow
41
vyper
38
matrix-synapse
35
moin
34
mlflow
33
Django
30
opencv-python
30
opencv-contrib-python
30
keystone
30
langchain
18
glance
18
mercurial
17
PaddlePaddle
17
cobbler
17
pillow
16
neutron
16
cryptography
15
paddlepaddle
15
gradio
15
notebook
15
modoboa
14
pyftpdlib
14
pyload-ng
14
OctoPrint
13
vantage6
12
swift
12
aiohttp
11
onionshare-cli
11
twisted
11
calibreweb
11
urllib3
11
horizon
11
wagtail
10
trytond
10
Flask-AppBuilder
10
ethyca-fides
9
zope
9
waitress
9
Zope
9
kiwitcms
9
opencv-contrib-python-headless
9
opencv-python-headless
9
ryu
9
roundup
9
nautobot
9
label-studio
8
cinder
8
trac
8
numpy
8
aubio
8
python-keystoneclient
8
scrapy
7
pgadmin4
7
jupyter-server
7
ipython
7
lief
7
matrix-sydent
7
pysaml2
7
pip
7
inventree
6
mindsdb
6
sentry
6
apache-airflow-providers-apache-hive
6
Zope2
6
tuf
6
web2py
6
lxml
6
graphite-web
6
mailman
6
Moin
6
feedparser
5
python-gnupg
5
bleach
5
Products.CMFPlone
5
saleor
5
paramiko
5
pyspark
5
Jinja2
5
requests
5
lmdb
5
whoogle-search
5
ckan
5
barbican
4
tripleo-heat-templates
4
starlette
4
Scrapy
4
jupyterhub
4
oauthenticator
4
httpie
4
keylime
4
FreeTAKServer-UI
4
PyPDF2
4
omero-web
4
transformers
4
grpcio
4
markdown2
4
qutebrowser
4
grpc
4
tornado
4
werkzeug
4
yt-dlp
4
nvflare
4
nltk
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
datasette
4
esphome
4
Keystone
4
GitPython
4
Radicale
4
reportlab
4
aws-iot-device-sdk-v2
4
ansible-core
4
jwcrypto
4
Pygments
4
Werkzeug
4
buildbot
4
pretix
4
bottle
4
awsiotsdk
4
Flask-Security-Too
4
ecdsa
3
ujson
3
ray
3
Weblate
3
ajenti
3
asyncssh
3
pyarrow
3
Kallithea
3
sanic
3
changedetection.io
3
sosreport
3
flask
3
io.grpc:grpc-protobuf
3
onnx
3
sickrage
3
Mezzanine
3
mistune
3
openvpn-monitor
3
streamlit
3
copyparty
3
Nova
3
indy-node
3
aim
3
localstack
3
mayan-edms
3
pandasai
3
poetry
3
protobuf
3
gerapy
3
bitlyshortener
3
indico
3
jupyterlab
3
pywasm3
3
python-jose
3
keyring
3
wger
3
asyncua
3
apache-iotdb
3
Products.PluggableAuthService
3
rsa
3
fava
3
keystonemiddleware
3
pyyaml
3
apache-airflow-providers-apache-spark
3
docassemble.webapp
3
quokka
3
clearml
3
SQLAlchemy
3
dulwich
3
django-helpdesk
3
ansible-runner
3
slixmpp
3
sqlparse
3
octavia
3
homeassistant
3
torchserve
3
pycrypto
3
apache-libcloud
3
plone.supermodel
3
plone.app.dexterity
3
plone.app.event
3
zenml
3
mitmproxy
3
httplib2
3
plone.app.theming
3
django-unicorn
2
piccolo
2
cabot
2
Filter by Repository
https://github.com/tensorflow/tensorflow
432
https://github.com/django/django
95
https://github.com/apache/airflow
90
https://github.com/ansible/ansible
53
https://github.com/python-pillow/Pillow
52
https://github.com/ikus060/rdiffweb
42
https://github.com/vyperlang/vyper
38
https://github.com/plone/Products.CMFPlone
37
https://github.com/openstack/nova
36
https://github.com/matrix-org/synapse
32
https://github.com/saltstack/salt
32
https://github.com/PaddlePaddle/Paddle
31
https://github.com/opencv/opencv
28
https://github.com/openstack/keystone
27
https://github.com/mlflow/mlflow
27
https://github.com/cobbler/cobbler
14
https://github.com/langchain-ai/langchain
14
https://github.com/vantage6/vantage6
14
https://github.com/pyca/cryptography
14
https://github.com/pyload/pyload
14
https://github.com/gradio-app/gradio
14
https://github.com/modoboa/modoboa
13
https://github.com/twisted/twisted
12
https://github.com/aio-libs/aiohttp
11
https://github.com/urllib3/urllib3
11
https://github.com/onionshare/onionshare
11
https://github.com/scrapy/scrapy
11
https://github.com/janeczku/calibre-web
11
https://github.com/jupyter/notebook
10
https://github.com/openstack/glance
10
https://github.com/dpgaspar/Flask-AppBuilder
10
https://github.com/zopefoundation/Zope
10
https://github.com/wagtail/wagtail
10
https://github.com/apache/superset
9
https://github.com/nautobot/nautobot
9
https://github.com/pgadmin-org/pgadmin4
9
https://github.com/Pylons/waitress
9
https://github.com/giampaolo/pyftpdlib
9
https://github.com/faucetsdn/ryu
9
https://github.com/openstack/horizon
9
https://github.com/ethyca/fides
9
https://github.com/kiwitcms/Kiwi
8
https://github.com/ipython/ipython
8
https://github.com/numpy/numpy
8
https://github.com/octoprint/octoprint
8
https://github.com/openstack/neutron
7
https://github.com/lief-project/LIEF
7
https://sourceforge.net/projects/sourceforge.net
7
https://github.com/aubio/aubio
7
https://github.com/openstack/swift
7
https://github.com/lxml/lxml
6
https://github.com/OctoPrint/OctoPrint
6
https://github.com/jupyter-server/jupyter_server
6
https://github.com/pypa/pip
6
https://github.com/openstack/cinder
6
https://github.com/HumanSignal/label-studio
6
https://github.com/graphite-project/graphite-web
6
https://github.com/matrix-org/sydent
6
https://github.com/getsentry/sentry
6
https://github.com/mindsdb/mindsdb
6
https://github.com/pallets/werkzeug
6
https://github.com/mozilla/bleach
5
https://github.com/hwchase17/langchain
5
https://github.com/benbusby/whoogle-search
5
https://github.com/TeamSeri0us/pocs
5
https://github.com/gitpython-developers/GitPython
5
https://github.com/tryton/trytond
5
https://github.com/keylime/keylime
5
https://github.com/ckan/ckan
4
https://github.com/Flask-Middleware/flask-security
4
https://github.com/esphome/esphome
4
https://github.com/latchset/jwcrypto
4
https://github.com/FreeTAKTeam/UI
4
https://github.com/NVIDIA/NVFlare
4
https://github.com/qutebrowser/qutebrowser
4
https://github.com/py-pdf/pypdf
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/rohe/pysaml2
4
https://github.com/huggingface/transformers
4
https://github.com/ronf/asyncssh
4
https://github.com/simonw/datasette
4
https://github.com/grpc/grpc
4
https://github.com/bottlepy/bottle
4
https://github.com/psf/requests
4
https://github.com/saleor/saleor
4
https://github.com/jhpyle/docassemble
4
https://github.com/yt-dlp/yt-dlp
4
https://github.com/inventree/InvenTree
4
https://github.com/WeblateOrg/weblate
4
https://github.com/web2py/web2py
4
https://github.com/Kozea/Radicale
4
https://github.com/tornadoweb/tornado
4
https://github.com/pallets/jinja
4
https://github.com/jupyterhub/oauthenticator
4
https://sourceforge.net/projects/roject
3
https://github.com/gventuri/pandas-ai
3
https://gitlab.com/mayan-edms/mayan-edms
3
https://github.com/trentm/python-markdown2
3
https://github.com/pygments/pygments
3
https://github.com/MobSF/Mobile-Security-Framework-MobSF
3
https://github.com/ansible/ansible-runner
3
https://github.com/pyca/pyopenssl
3
https://github.com/home-assistant/core
3
https://github.com/ome/omero-web
3
https://github.com/djblets/djblets
3
https://github.com/pretix/pretix
3
https://github.com/indico/indico
3
https://github.com/beancount/fava
3
https://github.com/furlongm/openvpn-monitor
3
https://github.com/moinwiki/moin-1.9
3
https://github.com/github/securitylab
3
https://github.com/pytorch/serve
3
https://github.com/nltk/nltk
3
https://github.com/wasm3/wasm3
3
https://github.com/python/cpython
3
https://github.com/Cog-Creators/Red-DiscordBot
3
https://github.com/jupyterlab/jupyterlab
3
https://github.com/jupyterhub/jupyterhub
3
https://github.com/Gerapy/Gerapy
3
https://github.com/mitmproxy/mitmproxy
3
https://github.com/rochacbruno/quokka
3
https://github.com/openstack/octavia
3
https://github.com/andialbrecht/sqlparse
3
https://github.com/encode/starlette
3
https://github.com/pypa/advisory-db
3
https://github.com/run-llama/llama_index
3
https://github.com/openstack/python-keystoneclient
3
https://github.com/dlitz/pycrypto
3
https://github.com/mpdavis/python-jose
3
https://github.com/pallets/flask
3
https://github.com/lepture/mistune
3
https://github.com/sqlalchemy/sqlalchemy
3
https://github.com/hyperledger/indy-node
3
https://github.com/9001/copyparty
3
https://github.com/theupdateframework/python-tuf
3
https://github.com/yaml/pyyaml
3
https://github.com/sosreport/sos
3
https://github.com/django-helpdesk/django-helpdesk
3
https://github.com/dgtlmoon/changedetection.io
3
https://github.com/theupdateframework/tuf
3
https://github.com/onnx/onnx
3
https://github.com/impredicative/bitlyshortener
3
https://github.com/IdentityPython/pysaml2
3
https://github.com/httplib2/httplib2
3
https://github.com/poezio/slixmpp
3
https://github.com/streamlit/streamlit
3
https://github.com/paramiko/paramiko
3
https://github.com/zenml-io/zenml
3
https://github.com/ethereum/eth-abi
2
https://github.com/openstack/magnum
2
https://github.com/mirumee/saleor
2
https://github.com/petl-developers/petl
2
https://github.com/executablebooks/markdown-it-py
2
https://github.com/pytest-dev/py
2
https://github.com/piccolo-orm/piccolo
2
https://github.com/eventlet/eventlet
2
https://github.com/MirahezeBots/sopel-channelmgnt
2
https://github.com/embedchain/embedchain
2
https://github.com/python-imaging/Pillow
2
https://github.com/python-ldap/python-ldap
2
https://github.com/facebookresearch/ParlAI
2
https://github.com/python-poetry/poetry
2
https://github.com/clinical-genomics/scout
2
https://github.com/DIRACGrid/DIRAC
2
https://github.com/encode/uvicorn
2
https://github.com/pretalx/pretalx
2
https://github.com/django-wiki/django-wiki
2
https://github.com/protocolbuffers/protobuf
2
https://github.com/mongodb/mongo-python-driver
2
https://github.com/OpenZeppelin/cairo-contracts
2
https://github.com/dask/distributed
2
https://github.com/DataDog/guarddog
2
https://github.com/moggers87/django-sendfile2
2
https://github.com/openstack/tripleo-heat-templates
2
https://github.com/Netflix/lemur
2
https://github.com/cure53/DOMPurify
2
https://github.com/plone/Products.ATContentTypes
2
https://github.com/pyinstaller/pyinstaller
2
https://github.com/corydolphin/flask-cors
2
https://github.com/plone/plone.restapi
2
https://github.com/openstack/barbican
2
https://github.com/dbt-labs/dbt-core
2
https://github.com/FreeTAKTeam/FreeTakServer
2
https://github.com/geopython/OWSLib
2
https://github.com/openstack/ossa
2
https://github.com/FreeOpcUa/opcua-asyncio
2
https://github.com/nexB/scancode.io
2
https://github.com/devsnd/cherrymusic
2
https://github.com/NVIDIA/NeMo
2
https://github.com/Legrandin/pycryptodome
2
https://github.com/stchris/untangle
2
https://github.com/warner/python-ecdsa
2
https://github.com/starkbank/ecdsa-python
2
https://github.com/aws/aws-encryption-sdk-cli
2
https://github.com/snowflakedb/snowflake-connector-python
2
https://github.com/jupyterhub/jupyter-server-proxy
2
https://github.com/aws/sagemaker-python-sdk
2
https://github.com/simplegeo/python-oauth2
2
https://github.com/httpie/httpie
2