Vulnerability DB | Snyk

See the full list of npm packages compromised in the "Shai-Hulud supply chain attack – Sep 2025" [View compromised packages].

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
H Buffer Overflow	cryptography[35.0.0,38.0.3)	pip	30 Oct 2022

Product

Snyk Open Source
Snyk Code
Snyk Container
Snyk Infrastructure as Code
Snyk AppRisk

Resources

Vulnerability DB
Documentation
Disclosed Vulnerabilities
Blog
FAQs

Company

About
Jobs
Contact
Policies
Do Not Sell My Personal Information

Contact Us

Support
Report a new vuln
Events

Find us online

Track our development

© 2025 Snyk Limited

Registered in England and Wales. Company number: 09677925

Registered address: Highlands House, Basingstoke Road, Spencers Wood, Reading, Berkshire, RG7 1NT.