Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Loading
Gradio performs a non-constant-time comparison when comparing hashes Moderate
CVE-2024-47869 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication Low
CVE-2024-45052 was published for ethyca-fides (pip) Sep 4, 2024
RobertKeyser pattisdr
daveqnet
Django vulnerable to user enumeration attack Moderate
CVE-2024-39329 was published for Django (pip) Jul 10, 2024
vantage6 vulnerable to a username timing attack on recover password/MFA token Moderate
CVE-2024-24770 was published for vantage6 (pip) Mar 15, 2024
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack High
CVE-2023-50782 was published for cryptography (pip) Feb 5, 2024
m2crypto Bleichenbacher timing attack - incomplete fix for CVE-2020-25657 Moderate
CVE-2023-50781 was published for m2crypto (pip) Feb 5, 2024
vantage6 vulnerable to username timing attack Low
CVE-2024-21671 was published for vantage6-server (pip) Jan 30, 2024
Minerva timing attack on P-256 in python-ecdsa High
CVE-2024-23342 was published for ecdsa (pip) Jan 22, 2024
tomato42
Mailman Core vulnerable to timing attacks High
CVE-2021-34337 was published for mailman (pip) Apr 15, 2023
python-jose failure to use a constant time comparison for HMAC keys Critical
CVE-2016-7036 was published for python-jose (pip) May 17, 2022
Observable Timing Discrepancy in aaugustin websockets library High
CVE-2021-33880 was published for websockets (pip) Jun 11, 2021
Timing attack on django-basic-auth-ip-whitelist Moderate
CVE-2020-4071 was published for django-basic-auth-ip-whitelist (pip) Jun 23, 2020
thibaudcolas
Potential Observable Timing Discrepancy in Wagtail Moderate
CVE-2020-11037 was published for wagtail (pip) May 7, 2020
thibaudcolas
ProTip! Advisories are also available from the GraphQL API