runfinch-finch

Direct Vulnerabilities

Known vulnerabilities in the runfinch-finch package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Missing Release of Resource after Effective Lifetime	<0:1.17.1-1.amzn2023.0.2
H Improper Certificate Validation	<0:1.17.1-1.amzn2023.0.2
H Improper Validation of Specified Type of Input	<0:1.17.1-1.amzn2023.0.2
H Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<0:1.17.1-1.amzn2023.0.2
H Improper Preservation of Permissions	<0:1.17.1-1.amzn2023.0.2
H Missing Authorization	<0:1.17.1-1.amzn2023.0.2
H Integer Overflow or Wraparound	<0:1.17.1-1.amzn2023.0.2
H Improper Certificate Validation	<0:1.17.1-1.amzn2023.0.2
H Improper Validation of Specified Quantity in Input	<0:1.17.1-1.amzn2023.0.2
H Incorrect Type Conversion or Cast	<0:1.17.1-1.amzn2023.0.2
H Incorrect Implementation of Authentication Algorithm	<0:1.17.1-1.amzn2023.0.2
H Missing Authorization	<0:1.17.1-1.amzn2023.0.2
H Deserialization of Untrusted Data	<0:1.17.1-1.amzn2023.0.2
H CVE-2026-42499	<0:1.17.0-1.amzn2023.0.2
H Cross-site Scripting (XSS)	<0:1.17.0-1.amzn2023.0.2
H CVE-2026-33811	<0:1.17.0-1.amzn2023.0.2
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:1.17.0-1.amzn2023.0.2
H Improper Validation of Unsafe Equivalence in Input	<0:1.17.0-1.amzn2023.0.2
H Allocation of Resources Without Limits or Throttling	<0:1.17.0-1.amzn2023.0.2
H CVE-2026-39825	<0:1.17.0-1.amzn2023.0.2
M Reachable Assertion	<0:1.17.0-1.amzn2023.0.1
M Cross-site Scripting (XSS)	<0:1.17.0-1.amzn2023.0.1
M Time-of-check Time-of-use (TOCTOU)	<0:1.17.0-1.amzn2023.0.1
M Expected Behavior Violation	<0:1.17.0-1.amzn2023.0.1
M Directory Traversal	<0:1.17.0-1.amzn2023.0.1
M Compiler Optimization Removal or Modification of Security-critical Code	<0:1.17.0-1.amzn2023.0.1
M Allocation of Resources Without Limits or Throttling	<0:1.17.0-1.amzn2023.0.1
M Allocation of Resources Without Limits or Throttling	<0:1.17.0-1.amzn2023.0.1
M Excessive Platform Resource Consumption within a Loop	<0:1.17.0-1.amzn2023.0.1
M Multiple Locks of a Critical Resource	<0:1.17.0-1.amzn2023.0.1
M Reachable Assertion	<0:1.14.1-1.amzn2023.0.1
H Incorrect Behavior Order: Authorization Before Parsing and Canonicalization	<0:1.15.1-1.amzn2023.0.2
M Server-Side Request Forgery (SSRF)	<0:1.15.1-1.amzn2023.0.1
M Cross-site Scripting (XSS)	<0:1.15.1-1.amzn2023.0.1
M Directory Traversal	<0:1.15.1-1.amzn2023.0.1
M Directory Traversal	<0:1.15.1-1.amzn2023.0.1
M Directory Traversal	<0:1.15.1-1.amzn2023.0.1
M Improper Validation of Syntactic Correctness of Input	<0:1.15.1-1.amzn2023.0.1
M Allocation of Resources Without Limits or Throttling	<0:1.14.1-1.amzn2023.0.1
M Missing Required Cryptographic Step	<0:1.14.1-1.amzn2023.0.1
M Insufficient Verification of Data Authenticity	<0:1.14.1-1.amzn2023.0.1
M CVE-2025-68121	<0:1.14.1-1.amzn2023.0.1
M Allocation of Resources Without Limits or Throttling	<0:1.14.1-1.amzn2023.0.1
M Out-of-bounds Read	<0:1.10.0-1.amzn2023.0.6
M Asymmetric Resource Consumption (Amplification)	<0:1.10.0-1.amzn2023.0.6
M Excessive Platform Resource Consumption within a Loop	<0:1.10.0-1.amzn2023.0.6
M Asymmetric Resource Consumption (Amplification)	<0:1.10.0-1.amzn2023.0.6
M Allocation of Resources Without Limits or Throttling	<0:1.10.0-1.amzn2023.0.6
M Improper Certificate Validation	<0:1.10.0-1.amzn2023.0.6
H Allocation of Resources Without Limits or Throttling	<0:1.10.0-1.amzn2023.0.5
H CVE-2025-58186	<0:1.10.0-1.amzn2023.0.5
H Improper Validation of Syntactic Correctness of Input	<0:1.10.0-1.amzn2023.0.5
H Improper Output Neutralization for Logs	<0:1.10.0-1.amzn2023.0.5
H Allocation of Resources Without Limits or Throttling	<0:1.10.0-1.amzn2023.0.5
H Allocation of Resources Without Limits or Throttling	<0:1.10.0-1.amzn2023.0.5
H Creation of Immutable Text Using String Concatenation	<0:1.10.0-1.amzn2023.0.5
H Allocation of Resources Without Limits or Throttling	<0:1.10.0-1.amzn2023.0.5
H Allocation of Resources Without Limits or Throttling	<0:1.10.0-1.amzn2023.0.5
H Reachable Assertion	<0:1.10.0-1.amzn2023.0.5
M Improper Certificate Validation	<0:1.8.3-1.amzn2023.0.1
M CVE-2025-4673	<0:1.8.3-1.amzn2023.0.1
H Cross-site Scripting (XSS)	<0:1.8.1-1.amzn2023.0.1
H HTTP Request Smuggling	<0:1.8.1-1.amzn2023.0.1
H Asymmetric Resource Consumption (Amplification)	<0:1.7.2-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<0:1.7.1-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<0:1.7.1-1.amzn2023.0.1
H Improper Handling of Exceptional Conditions	<0:1.6.0-1.amzn2023.0.1
H Allocation of Resources Without Limits or Throttling	<0:1.6.0-1.amzn2023.0.1
H Improper Authorization	<0:1.6.0-1.amzn2023.0.1
M Allocation of Resources Without Limits or Throttling	<0:1.6.0-1.amzn2023.0.1
M Improper Handling of Exceptional Conditions	<0:1.6.0-1.amzn2023.0.1

Vulnerability

Vulnerable Version

Missing Release of Resource after Effective Lifetime

<0:1.17.1-1.amzn2023.0.2