Vulnerability Database
Blog
FAQ
Docs
Vulnerabilities
search
All ecosystems
308687
AlmaLinux
3609
Alpine
3724
Android
2909
Bitnami
5568
Chainguard
26530
CRAN
10
crates.io
1717
Debian
46287
GHC
3
GIT
28910
GitHub Actions
28
Go
4301
Hackage
23
Hex
36
Linux
13573
Mageia
5622
Maven
5548
MinimOS
1484
npm
26377
NuGet
1439
openSUSE
10035
OSS-Fuzz
3610
Packagist
4708
Pub
10
PyPI
15853
Red Hat
16074
Rocky Linux
1757
RubyGems
1681
SUSE
16300
SwiftURL
35
Ubuntu
46457
Wolfi
14469
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-9fm9-hp7p-53mf
Hex/hackney
Hackney fails to properly release HTTP connections to the pool
28 May
Fix available
Severity - 2.3 (Low)
GHSA-3988-q8q7-p787
Hex/ash_authentication
ash_authentication has email link auto-click account confirmation vulnerability
14 Apr
Fix available
Severity - 5.3 (Medium)
GHSA-qrm9-f75w-hg4c
Hex/ash_authentication
Ash Authentication has flawed token revocation checking logic in actions generated by `mix ash_authentication.install`
11 Feb
Fix available
Severity - 6.3 (Medium)
GHSA-vq52-99r9-h5pw
Hex/hackney
Server-side Request Forgery (SSRF) in hackney
11 Feb
Fix available
Severity - 2.9 (Low)
GHSA-pj33-75x5-32j4
Hex/rabbit_common
RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission
06 Nov 2024
Fix available
Severity - 7.1 (High)
GHSA-hf59-7rwq-785m
Hex/ash_postgres
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
23 Oct 2024
Fix available
Severity - 5.3 (Medium)
GHSA-mj35-2rgf-cv8p
Hex/oidcc
OpenID Connect client Atom Exhaustion in provider configuration worker ets table location
03 Apr 2024
Fix available
Severity - 5.3 (Medium)
GHSA-9mg4-v392-8j68
Hex/jose
erlang-jose vulnerable to denial of service via large p2c value
19 Mar 2024
Fix available
Severity - 5.3 (Medium)
GHSA-h3rw-77w7-92gf
Hex/Samly
Samly access control vulnerability
11 Feb 2024
Fix available
Severity - 9.3 (Critical)
GHSA-2c28-m2m7-mf55
Hex/pleroma
Pleroma Path Traversal vulnerability
16 Oct 2023
Fix available
Severity - 2.6 (Low)
GHSA-738q-mc72-2q22
Hex/mtproto_proxy
MTProto proxy remote code execution vulnerability
10 Oct 2023
No fix available
Severity - 8.8 (High)
GHSA-3cjh-p6pw-jhv9
Hex/pow
Pow Mnesia cache doesn't invalidate all expired keys on startup
19 Sep 2023
Fix available
Severity - 6.5 (Medium)
GHSA-564w-97r7-c6p9
Hex/livebook
Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
21 Jun 2023
Fix available
Severity - 8.6 (High)
GHSA-4r2f-6fm9-2qgh
Hex/ecto
Ecto lacks a protection mechanism
10 Jan 2023
Fix available
Severity - 9.8 (Critical)
GHSA-5g2h-9x5v-5h3x
npm/phoenix_html
Hex/phoenix_html
phoenix_html allows Cross-site Scripting in HEEx class attributes
10 Jan 2023
Fix available
Severity - 6.1 (Medium)
GHSA-p8f7-22gq-m7j9
Hex/phoenix
Phoenix before 1.6.14 mishandles check_origin wildcarding
17 Oct 2022
Fix available
Severity - 7.5 (High)
Load more...
(2 pages left)
Hex - OSV