Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
swift Security Advisories
Loading...
Moderate
Ecosystems: go, swift
Packages: google.golang.org/grpc, golang.org/x/net, https://github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS1xcHBqLWZtNXItaHhyM84AA2X2
swift-nio-http2 vulnerable to HTTP/2 Stream Cancellation AttackEcosystems: go, swift
Packages: google.golang.org/grpc, golang.org/x/net, https://github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: about 2 months ago
Moderate
Ecosystems: swift
Packages: https://github.com/vapor/vapor
Source: GitHub Advisory Database
Published: about 2 months ago
GSA_kwCzR0hTQS0zbXdxLWgzZzYtZmZobc4AA2Qq
Vapor's incorrect request error handling triggers server crashEcosystems: swift
Packages: https://github.com/vapor/vapor
Source: GitHub Advisory Database
Published: about 2 months ago
High
Ecosystems: swift
Packages: https://github.com/marmelroy/Zip
Source: GitHub Advisory Database
Published: 3 months ago
GSA_kwCzR0hTQS1nNDU0LXdqOXItanBnNM4AA1lP
Path traversal in Zip SwiftEcosystems: swift
Packages: https://github.com/marmelroy/Zip
Source: GitHub Advisory Database
Published: 3 months ago
High
Ecosystems: swift
Packages: https://github.com/weichsel/ZIPFoundation
Source: GitHub Advisory Database
Published: 3 months ago
GSA_kwCzR0hTQS1jMmNjLTM1NjktNmpoMs4AA1lS
Path traversal in ZIPFoundationEcosystems: swift
Packages: https://github.com/weichsel/ZIPFoundation
Source: GitHub Advisory Database
Published: 3 months ago
Moderate
Ecosystems: swift, npm, packagist
Packages: https://github.com/mongodb/mongo-swift-driver, mongodb, mongodb/mongodb
Source: GitHub Advisory Database
Published: 3 months ago
GSA_kwCzR0hTQS12eHZtLXF3dzMtMmZoN84AA1jJ
MongoDB Driver may publish events containing authentication-related dataEcosystems: swift, npm, packagist
Packages: https://github.com/mongodb/mongo-swift-driver, mongodb, mongodb/mongodb
Source: GitHub Advisory Database
Published: 3 months ago
High
Ecosystems: swift
Packages: https://github.com/migueldeicaza/SwiftTerm
Source: GitHub Advisory Database
Published: 5 months ago
GSA_kwCzR0hTQS1qcTQzLXE4bXgtcjdtcc4AA0t8
SwiftTerm Code Injection vulnerabilityEcosystems: swift
Packages: https://github.com/migueldeicaza/SwiftTerm
Source: GitHub Advisory Database
Published: 5 months ago
High
Ecosystems: swift
Packages: https://github.com/grpc/grpc-swift.git
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1yNnd3LTU5NjMtN3I5Nc4AAzxC
Denial of Service via reachable assertionEcosystems: swift
Packages: https://github.com/grpc/grpc-swift.git
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: https://github.com/apple/swift-nio-http2.git
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1xMzZ4LXI1eDQtaDRxNs4AAzxB
Denial of service via HTTP/2 HEADERS frames paddingEcosystems: swift
Packages: https://github.com/apple/swift-nio-http2.git
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: swift
Packages: github.com/vapor/leaf-kit
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1ydjN4LXhxM3ItOGo5aM4AAzxA
LeafKit allows XSS with untrusted user inputEcosystems: swift
Packages: github.com/vapor/leaf-kit
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS0yangyLXFjbTQtcmY5aM4AAzw_
Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodecEcosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1yeG1qLWhnOXYtdnAzcM4AAzw-
Uncontrolled Resource Consumption in LengthPrefixedMessageReaderEcosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1wcXdoLWMyZjMtdnhtcc4AAzw9
Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crashEcosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1nY2o5LWpqMzgtaHdtY84AAzw8
Vapor's Metrics integration could cause a system drainEcosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS12Y3ZnLXhncjgtcDVncc4AAzw7
Arbitrary file read using percent-encoded relative paths in FileMiddlewareEcosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS12ajJtLTlmNWotbXByNc4AAzuh
Vapor vulnerable to denial of service in HTTP Range Request of FileMiddlewareEcosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1xdnhnLXdqeGMtcjRnZ84AAzug
Vapor vulnerable to denial of service in URLEncodedFormDecoderEcosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/apple/swift-corelibs-foundation
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS0yMzljLTZjdjItd3d4OM4AAzuf
Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoderEcosystems: swift
Packages: github.com/apple/swift-corelibs-foundation
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-extras
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS03NzNnLXgyNzQtOHFtZs4AAzue
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompressionEcosystems: swift
Packages: github.com/apple/swift-nio-extras
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: swift
Packages: github.com/apple/swift-nio
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS03Zmo3LTM5d2otYzY0Zs4AAzud
SwiftNIO vulnerable to Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')Ecosystems: swift
Packages: github.com/apple/swift-nio
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/swift-server/async-http-client
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS12M3I1LXBqcG0tbXdncc4AAzuc
Async HTTP Client has CRLF Injection vulnerability in HTTP request headersEcosystems: swift
Packages: github.com/swift-server/async-http-client
Source: GitHub Advisory Database
Published: 6 months ago
Moderate
Ecosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS00cmhxLXZxMjQtODhnd84AAzbD
Uncontrolled Recursion in HTTP2ToRawGRPCServerCodecEcosystems: swift
Packages: github.com/grpc/grpc-swift
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1wZ2Z4LWc2cmMtOGNqds4AAzZR
swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN framesEcosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1jY3c5LXE1aDItOGMyd84AAzZQ
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame lengthEcosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: 6 months ago
Critical
Ecosystems: swift
Packages: github.com/apple/swift-nio
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS1tZ2M0LXdxdjctNHB4bc4AAzZP
SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding headerEcosystems: swift
Packages: github.com/apple/swift-nio
Source: GitHub Advisory Database
Published: 6 months ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: 6 months ago
GSA_kwCzR0hTQS13M2Y2LXBjNTQtZ2Z3N84AAzZO
swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encodingEcosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: 6 months ago
Low
Ecosystems: swift
Packages: github.com/vapor/postgres-nio
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS05Y2ZoLXZ4OTMtODR2ds4AAzRE
PostgresNIO processes unencrypted bytes from man-in-the-middleEcosystems: swift
Packages: github.com/vapor/postgres-nio
Source: GitHub Advisory Database
Published: 7 months ago
High
Ecosystems: pypi, swift
Packages: zstd, github.com/facebook/zstd
Source: GitHub Advisory Database
Published: 8 months ago
GSA_kwCzR0hTQS01YzljLTZ4ODctZjl2bc4AAyfJ
zstd vulnerable to buffer overrunEcosystems: pypi, swift
Packages: zstd, github.com/facebook/zstd
Source: GitHub Advisory Database
Published: 8 months ago
Critical
Ecosystems: swift
Packages: github.com/apple/swift-nio-ssl
Source: GitHub Advisory Database
Published: over 1 year ago
GSA_kwCzR0hTQS1mcmczLWdwY3gtOTY4Zs4AAjE-
SwiftNIO SSL arbitrary code execution vulnerabilityEcosystems: swift
Packages: github.com/apple/swift-nio-ssl
Source: GitHub Advisory Database
Published: over 1 year ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: almost 2 years ago
GSA_kwCzR0hTQS13ZnZxLXA3cWYtdnY2NM0qkA
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encodingEcosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: almost 2 years ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: almost 2 years ago
GSA_kwCzR0hTQS1wdjdyLTl2amctZzNmOc0qgg
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame lengthEcosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: almost 2 years ago
High
Ecosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncGd4LXdod2gtcjI5N80qiQ
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN framesEcosystems: swift
Packages: github.com/apple/swift-nio-http2
Source: GitHub Advisory Database
Published: almost 2 years ago
Filter by Severity
Filter by Ecosystem
Filter by Package
github.com/apple/swift-nio-http2
6
github.com/vapor/vapor
5
github.com/grpc/grpc-swift
3
github.com/apple/swift-nio
2
golang.org/x/net
1
https://github.com/weichsel/ZIPFoundation
1
https://github.com/marmelroy/Zip
1
mongodb/mongodb
1
mongodb
1
google.golang.org/grpc
1
https://github.com/apple/swift-nio-http2
1
github.com/swift-server/async-http-client
1
github.com/apple/swift-nio-ssl
1
github.com/apple/swift-nio-extras
1
github.com/apple/swift-corelibs-foundation
1
github.com/vapor/postgres-nio
1
github.com/vapor/leaf-kit
1
https://github.com/apple/swift-nio-http2.git
1
https://github.com/grpc/grpc-swift.git
1
https://github.com/migueldeicaza/SwiftTerm
1
https://github.com/vapor/vapor
1
https://github.com/mongodb/mongo-swift-driver
1
github.com/facebook/zstd
1
zstd
1