vulnerablecode
vulnerablecode copied to clipboard
nexB
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
 https://public2.vulnerablecode.io/packages/v2/pkg:pypi/[email protected]?search=pypi
Bumps [requests](https://github.com/psf/requests) from 2.32.0 to 2.32.4. Release notes Sourced from requests's releases. v2.32.4 2.32.4 (2025-06-10) Security CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
As a part of the ongoing GSoC 2025 project titled "On-demand live evaluation of packages and Integration with VulnTotal", this issue should set the base for using the new API...
As a part of the ongoing GSoC 2025 project titled "On-demand live evaluation of packages and Integration with VulnTotal", this issue should focus on setting the base for the upcoming...
See https://github.com/CollaboraOnline/online/security/advisories?state=published And https://www.collaboraonline.com/collabora-office-collabora-govoffice-security-advisories/
See: - https://github.com/github/advisory-database/pull/5032#issuecomment-2930738938 and https://public.vulnerablecode.io/vulnerabilities/VCID-a2bb-91uk-hqbg?search=CVE-2024-47535 This vulnerability's records are a problematic as pointed by @AB-xdev ... and there are more issues beyond CVSS, but also wrt. to the package and...
While working on advisory rearchitecture I was easily able to see conflicting advisories talking about same vulnerability but with different version ranges. - https://github.com/advisories/GHSA-cf66-xwfp-gvc4 - https://github.com/nodejs/security-wg/blob/main/vuln/npm/485.json - https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/webpack-dev-server/CVE-2018-14732.yml - https://nvd.nist.gov/vuln/detail/CVE-2018-14732#range-14726889...