Spectra Assure
Community
Docs
failRisk: Vulnerabilities
Scanned: 5 months ago

duckdb

Artifact:
Top 1k
DuckDB in-process database
License: Permissive (MIT)
Published: 5 months ago
Visit Github
See on PyPI

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
1 severe vulnerabilities exploited
Hardening
2 low priority mitigations absent

Threats

Tampering
No evidence of software tampering
Malware
No evidence of malware inclusion

INCIDENTS:

List of known vulnerabilities affecting the software package and the components it embeds. Last refreshed on: 2025/06/16
All detected vulnerabilities are fixable
Run the update/upgrade command in your package manager to resolve the detected vulnerabilities
CVSS Score
CVE
Name
Tags
high
8.8
CVE-2020-10531
—
Exploits Exist
Fix Available

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.

This website uses cookies to ensure the best website experience. By continuing to use this website you are giving your consent to cookies being used. Detailed information about our use of cookies is here.