Commit 278ab92

docs(website): update catalog with new cases and reclassifications
1 parent 72b7eb8 commit 278ab92

2 files changed

Lines changed: 18 additions & 16 deletions

website/source/content/docs/collection/_index.md

Lines changed: 1 addition & 1 deletion
@@ -6,7 +6,7 @@ bookCollapseSection: true
66

77
# Showcases and CVEs
88

9-
A curated dataset of confirmed vulnerable Python packages with proof-of-concept exploits. This page combines the **assigned CVEs** and the **end-to-end exploitation walkthroughs**. The full list of 76 confirmed cases lives on the [Catalog]({{< relref "catalog" >}}) page.
9+
A curated dataset of confirmed vulnerable Python packages with proof-of-concept exploits. This page combines the **assigned CVEs** and the **end-to-end exploitation walkthroughs**. The full list of 78 confirmed cases lives on the [Catalog]({{< relref "catalog" >}}) page.
1010

1111
## Assigned CVEs
1212
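Review bot: The case count in the changed sentence on line 9 is a hard-coded literal (76 becomes 78), so it has to be bumped by hand whenever rows are added to the catalog table and will drift the first time that step is forgotten. The new value does agree with this commit, which nets two new rows in catalog/_index.md (smolagents and pytest-sftpserver), but consider dropping the number from the sentence ("The full list of confirmed cases lives on the Catalog page") or generating it from the table.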

website/source/content/docs/collection/catalog/_index.md

Lines changed: 17 additions & 15 deletions
@@ -16,57 +16,61 @@ Each application name in the table below links to its directory under [`cp-colle
1616
|---|---|---:|---|---|---|---|---|
1717
| [ComfyUI](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/ComfyUI) | Remote | 112.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
1818
| [ragflow](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/ragflow) | Remote | 80.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
19+
| [smolagents](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/smolagents) | Remote | 27.4K | v1.14.0 | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
1920
| [taipy](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/taipy) | Remote | 19.2K | v4.0.3 | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Fixed |
2021
| [sd-webui-controlnet](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/sd-webui-controlnet) | Remote | 17.9K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2122
| [stable-diffusion-webui-forge](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/stable-diffusion-webui-forge) | Remote | 12.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2223
| [mesop](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/mesop) | Remote | 6.5K | v0.13.0 | Constrained | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2324
| [docarray](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/docarray) | Remote | 3.1K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2425
| [django-unicorn](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/django-unicorn) | Remote | 2.6K | 0.61.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2526
| [fastapi-amis-admin](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/fastapi-amis-admin) | Remote | 1.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
27+
| [pytest-sftpserver](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pytest-sftpserver) | Remote | 38 | 1.3.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | TODO |
28+
| [open-interpreter](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/open-interpreter) | Local | 63.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
29+
| [minGPT](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/minGPT) | Local | 24.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
30+
| [zipline](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/zipline) | Local | 19.8K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
31+
| [hummingbot](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/hummingbot) | Local | 18.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
32+
| [pyinstrument](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pyinstrument) | Local | 7.7K | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
33+
| [wfuzz](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/wfuzz) | Local | 6.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
34+
| [tensorpack](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/tensorpack) | Local | 6.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2635
| [azure-cli](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/azure-cli) | Local | 4.5K | v2.68.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Fixed |
2736
| [azure-cli-core](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/azure-cli-core) | Local | 4.5K | latest | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
37+
| [deepdoctection](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/deepdoctection) | Local | 3.2K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
38+
| [virt-manager](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/virt-manager) | Local | 3.1K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
2839
| [sverchok](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/sverchok) | Local | 2.5K | latest | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Assigned |
29-
| [open-interpreter](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/open-interpreter) | Package | 63.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
40+
| [fixinventory](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/fixinventory) | Local | 2.1K | 4.2.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
41+
| [EasyCV](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/EasyCV) | Local | 1.9K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
42+
| [nut](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/nut) | Local | 1.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
43+
| [CRNN_Tensorflow](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/CRNN_Tensorflow) | Local | 1.0K | latest | Agnostic | Item | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
44+
| [GCFT](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/GCFT) | Local | 141 | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
45+
| [schemasheets](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/schemasheets) | Local | 52 | 0.3.1 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
3046
| [diffusers](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/diffusers) | Package | 33.6K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
3147
| [spaCy](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/spaCy) | Package | 33.6K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
3248
| [fairseq](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/fairseq) | Package | 32.2K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
3349
| [pytorch-lightning](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pytorch-lightning) | Package | 31.1K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
34-
| [minGPT](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/minGPT) | Package | 24.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
35-
| [zipline](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/zipline) | Package | 19.8K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
36-
| [hummingbot](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/hummingbot) | Package | 18.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
3750
| [nni](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/nni) | Package | 14.4K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
3851
| [stylegan2](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/stylegan2) | Package | 11.2K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Todo |
3952
| [accelerate](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/accelerate) | Package | 9.7K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
40-
| [pyinstrument](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pyinstrument) | Package | 7.7K | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
4153
| [mmpose](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/mmpose) | Package | 7.6K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
4254
| [issaclab](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/issaclab) | Package | 7.1K | v1.4.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
4355
| [clearml](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/clearml) | Package | 6.7K | v1.16.5 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
4456
| [deepchem](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/deepchem) | Package | 6.7K | latest | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Todo |
4557
| [ibis](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/ibis) | Package | 6.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
46-
| [wfuzz](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/wfuzz) | Package | 6.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
47-
| [tensorpack](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/tensorpack) | Package | 6.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
4858
| [panel](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/panel) | Package | 5.7K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
4959
| [Red-DiscordBot](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/Red-DiscordBot) | Package | 5.5K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
5060
| [optimum](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/optimum) | Package | 3.4K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
51-
| [deepdoctection](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/deepdoctection) | Package | 3.2K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
52-
| [virt-manager](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/virt-manager) | Package | 3.1K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
5361
| [robusta](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/robusta) | Package | 3.0K | 0.20.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
5462
| [legged_gym](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/legged_gym) | Package | 2.9K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
5563
| [neural-compressor](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/neural-compressor) | Package | 2.6K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
5664
| [deepdiff](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/deepdiff) | Package | 2.5K | v8.0.0 | Agnostic | Dual | [diogotcorreia](https://github.com/qlustered/deepdiff/security/advisories/GHSA-mw26-5g2v-hqw3) | Accepted |
5765
| [generative-ai-python](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/generative-ai-python) | Package | 2.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
5866
| [wrapt](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/wrapt) | Package | 2.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
59-
| [fixinventory](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/fixinventory) | Package | 2.1K | 4.2.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6067
| [glom](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/glom) | Package | 2.1K | v24.11.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6168
| [evennia](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/evennia) | Package | 2.0K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
62-
| [EasyCV](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/EasyCV) | Package | 1.9K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6369
| [pydash](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pydash) | Package | 1.4K | v5.1.2 | Agnostic | Dual | [abdulrah33m](https://blog.abdulrah33m.com/prototype-pollution-in-python/) | Fixed |
64-
| [nut](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/nut) | Package | 1.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6570
| [pykka](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pykka) | Package | 1.3K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6671
| [EPro-PnP](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/EPro-PnP) | Package | 1.2K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6772
| [otx](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/otx) | Package | 1.2K | v2.2.2 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
6873
| [xorbits](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/xorbits) | Package | 1.2K | latest | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
69-
| [CRNN_Tensorflow](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/CRNN_Tensorflow) | Package | 1.0K | latest | Agnostic | Item | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
7074
| [JSPyBridge](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/JSPyBridge) | Package | 850 | 1.2.1 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
7175
| [meta_dataset](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/meta_dataset) | Package | 802 | N/A | Constrained | Attr | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
7276
| [riven](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/riven) | Package | 789 | v0.20.1 | Constrained | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
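Review bot: The added pytest-sftpserver row (new line 27) ends with the status `TODO`, while the existing rows in the same table spell that status `Todo` (stylegan2, deepchem). Use one spelling, so that anyone filtering or counting rows by the last column does not get two different values for the same state.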
@@ -79,11 +83,9 @@ Each application name in the table below links to its directory under [`cp-colle
7983
| [netchecks](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/netchecks) | Package | 164 | v0.5.4 | Constrained | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8084
| [uavSim](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/uavSim) | Package | 160 | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8185
| [jacinle](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/jacinle) | Package | 145 | N/A | Constrained | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
82-
| [GCFT](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/GCFT) | Package | 141 | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8386
| [gensphere](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/gensphere) | Package | 132 | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8487
| [genielibs](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/genielibs) | Package | 113 | V24.9 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8588
| [laboneq](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/laboneq) | Package | 52 | v2.44.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
86-
| [schemasheets](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/schemasheets) | Package | 52 | 0.3.1 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8789
| [magicattr](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/magicattr) | Package | 18 | v3.9.0 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8890
| [mo_dots](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/mo_dots) | Package | 7 | 10.659.25005 | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
8991
| [pystringattr](https://github.com/jackfromeast/python-class-pollution/tree/main/cp-collection/pystringattr) | Package | 2 | N/A | Agnostic | Dual | [Pyrl](https://github.com/jackfromeast/python-class-pollution) | Reported |
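Review bot: The two rows removed here (GCFT and schemasheets) reappear in the previous hunk with Package changed to Local and nothing else altered, as do thirteen other rows, but neither the commit message ("reclassifications") nor the visible lines say what criterion moved them. Add a sentence to the commit body or to the catalog's introduction stating why these fifteen cases now count as Local, so the next contributor classifies new cases the same way.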