Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

swift github.com/vapor/vapor Security Advisories

Moderate

GSA_kwCzR0hTQS1yNnI0LTVwcjgtZ2pjcM4AA4Lw

Vapor contains an integer overflow in URI leading to potential host spoofing
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: 4 months ago

Moderate

GSA_kwCzR0hTQS0zbXdxLWgzZzYtZmZobc4AA2Qq

Vapor's incorrect request error handling triggers server crash
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: 7 months ago

Moderate

GSA_kwCzR0hTQS1wcXdoLWMyZjMtdnhtcc4AAzw9

Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS1nY2o5LWpqMzgtaHdtY84AAzw8

Vapor's Metrics integration could cause a system drain
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 15.4
Published: 11 months ago

Moderate

GSA_kwCzR0hTQS12Y3ZnLXhncjgtcDVncc4AAzw7

Arbitrary file read using percent-encoded relative paths in FileMiddleware
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 18.9
Published: 11 months ago

High

GSA_kwCzR0hTQS12ajJtLTlmNWotbXByNc4AAzuh

Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: 11 months ago

High

GSA_kwCzR0hTQS1xdnhnLXdqeGMtcjRnZ84AAzug

Vapor vulnerable to denial of service in URLEncodedFormDecoder
Ecosystems: swift
Packages: github.com/vapor/vapor
Source: GitHub Advisory Database
Blast Radius: 21.8
Published: 11 months ago

Statistics

Advisories: 18,400
Packages: 8,303
Repositories: 1
Ecosystems: 12

Filter by Severity

Moderate 7,949 High 6,364 Critical 2,810 Low 986

Filter by Ecosystem

maven 5,534 packagist 3,815 pypi 3,727 npm 3,546 go 1,899 nuget 1,390 rubygems 814 cargo 777 swift 31 hex 30 actions 16 pub 8

Filter by Package

github.com/vapor/vapor 7 github.com/apple/swift-nio-http2 5 github.com/grpc/grpc-swift 4 github.com/apple/swift-nio 2 zstd 1 github.com/migueldeicaza/SwiftTerm 1 mongodb/mongodb 1 mongodb 1 github.com/mongodb/mongo-swift-driver 1 github.com/apple/swift-corelibs-foundation 1 pubnub 1 com.pubnub:pubnub-kotlin 1 com.pubnub:pubnub 1 github.com/pubnub/go/v7 1 github.com/pubnub/go 1 github.com/pubnub/go/v6 1 github.com/pubnub/go/v5 1 Pubnub 1 pubnub 1 pubnub 1 pubnub/pubnub 1 pubnub 1 pubnub 1 github.com/pubnub/swift 1 github.com/weichsel/ZIPFoundation 1 github.com/apple/swift-nio-ssl 1 github.com/apple/swift-nio-extras 1 github.com/vapor/leaf-kit 1 golang.org/x/net 1 google.golang.org/grpc 1 org.apache.tomcat:tomcat 1 org.apache.tomcat.embed:tomcat-embed-core 1 org.eclipse.jetty.http2:http2-common 1 org.eclipse.jetty.http2:http2-server 1 org.eclipse.jetty.http2:jetty-http2-common 1 org.eclipse.jetty.http2:jetty-http2-server 1 com.typesafe.akka:akka-http-core 1 com.typesafe.akka:akka-http-core_2.13 1 com.typesafe.akka:akka-http-core_2.12 1 com.typesafe.akka:akka-http-core_2.11 1 github.com/swift-server/swift-prometheus 1 github.com/swift-server/async-http-client 1 github.com/vapor/postgres-nio 1 github.com/facebook/zstd 1 github.com/marmelroy/Zip 1

Filter by Repository

https://github.com/vapor/vapor 7