Dependency Fix Guides
Exact fix instructions for CVEs across all 7 ecosystems PackageFix supports. Every page shows your vulnerable version, the safe version, and the exact command to run.
Browse by ecosystem
npm / Node.js
express, lodash, axios, jsonwebtoken, vm2 and 20 more
PyPI / Python
Django, Flask, requests, cryptography, Pillow and 20 more
Ruby / Gems
Rails, Nokogiri, Devise, Puma, Rack and 15 more
PHP / Composer
Laravel, Symfony, Guzzle, Flysystem and 10 more
Go / Modules
Gin, gRPC, Echo, Fiber, GORM and 10 more
Rust / Crates
actix-web, axum, hyper, openssl, rustls and 10 more
Java / Maven
Log4j, Spring, Jackson, Netty, Guava and 10 more
Paste your manifest — get a fixed version with all CVEs patched in seconds.
Open PackageFix →Free · No signup · No CLI · Runs in your browser