| HSEC-2024-0003 | process | process: command injection via argument list on Windows |
| HSEC-2024-0002 | bzlib,bz2,bzlib-conduit | out-of-bounds write when there are many bzip2 selectors |
| HSEC-2024-0001 | keter | Reflected XSS vulnerability in keter |
| HSEC-2023-0015 | cabal-install | cabal-install uses expired key policies |
| HSEC-2023-0014 | pandoc | Arbitrary file write is possible when using PDF output or --extract-media with untrusted input |
| HSEC-2023-0013 | git-annex | git-annex plaintext storage of embedded credentials on encrypted remotes |
| HSEC-2023-0012 | git-annex | git-annex checksum exposure to encrypted special remotes |
| HSEC-2023-0011 | git-annex | git-annex GPG decryption attack via compromised remote |
| HSEC-2023-0010 | git-annex | git-annex private data exfiltration to compromised remote |
| HSEC-2023-0009 | git-annex | git-annex command injection via malicious SSH hostname |
| HSEC-2023-0008 | hledger-web | Stored XSS in hledger-web |
| HSEC-2023-0007 | base,toml-reader | readFloat: memory exhaustion with large exponent |
| HSEC-2023-0006 | x509-validation | x509-validation does not enforce pathLenConstraint |
| HSEC-2023-0005 | tls-extra | tls-extra: certificate validation does not check Basic Constraints |
| HSEC-2023-0004 | xml-conduit | xml-conduit unbounded entity expansion |
| HSEC-2023-0003 | xmonad-contrib | code injection in xmonad-contrib |
| HSEC-2023-0002 | biscuit-haskell | Improper Verification of Cryptographic Signature |
| HSEC-2023-0001 | aeson | Hash flooding vulnerability in aeson |