Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
Eval Injection in fastbots High
CVE-2023-48699 was published for fastbots (pip) Nov 21, 2023
ubertidavide
vyper performs multiple eval of `sqrt()` argument built in Moderate
CVE-2024-32649 was published for vyper (pip) Apr 25, 2024
cyberthirst
vyper performs double eval of raw_args in create_from_blueprint Moderate
CVE-2024-32647 was published for vyper (pip) Apr 25, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45847 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45846 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45848 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45849 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45850 was published for mindsdb (pip) Sep 12, 2024
MindsDB Eval Injection vulnerability High
CVE-2024-45851 was published for mindsdb (pip) Sep 12, 2024
Guardrails has an arbitrary code execution vulnerability High
CVE-2024-45858 was published for guardrails-ai (pip) Sep 18, 2024
LangChain Experimental Eval Injection vulnerability Critical
CVE-2024-46946 was published for langchain-experimental (pip) Sep 19, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27321 was published for refuel-autolabel (pip) Sep 12, 2024
Refuel Autolab Eval Injection vulnerability High
CVE-2024-27320 was published for refuel-autolabel (pip) Sep 12, 2024
AgentScope uses `eval` High
CVE-2024-48050 was published for agentscope (pip) Nov 5, 2024
Arbitrary Code Execution in Pillow Critical
CVE-2023-50447 was published for Pillow (pip) Jan 19, 2024
ProTip! Advisories are also available from the GraphQL API