Latest data: Fri Nov 3 08:04:34 UTC 2023
github.actions committed Nov 3, 2023
1 parent bfb9f88 commit f1b7a93
Showing 36 changed files with 172 additions and 744 deletions.
6 changes: 5 additions & 1 deletion audits/anime-downloader-requirements.audit.json
@@ -326,7 +326,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -517,6 +517,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/azure-cli-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/bbot-requirements.audit.json
@@ -220,7 +220,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -411,6 +411,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
15 changes: 12 additions & 3 deletions audits/buku-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
@@ -779,7 +783,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-31T21:31:25Z",
"modified": "2023-11-02T17:16:00Z",
"published": "2023-10-25T14:22:59Z",
"schema_version": "1.6.0",
"id": "GHSA-hrfv-mqp8-q5rw",
@@ -937,11 +941,16 @@
{
"type": "PACKAGE",
"url": "https://github.com/pallets/werkzeug"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/werkzeug/PYSEC-2023-221.yaml"
}
],
"database_specific": {
"cwe_ids": [
"CWE-400"
"CWE-400",
"CWE-787"
],
"github_reviewed": true,
"github_reviewed_at": "2023-10-25T14:22:59Z",
6 changes: 5 additions & 1 deletion audits/bzt-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
10 changes: 7 additions & 3 deletions audits/charm-tools-requirements.audit.json
@@ -8,15 +8,15 @@
},
"vulnerabilities": [
{
"modified": "2023-10-30T15:15:56Z",
"modified": "2023-11-02T21:26:55Z",
"published": "2023-10-25T18:32:26Z",
"schema_version": "1.6.0",
"id": "GHSA-mq26-g339-26xf",
"aliases": [
"CVE-2023-5752"
],
"summary": "Command Injection in pip when used with Mercurial",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.\n",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.",
"affected": [
{
"package": {
@@ -234,7 +234,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -425,6 +425,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/cycode-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/fdroidserver-requirements.audit.json
@@ -350,7 +350,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -541,6 +541,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/flintrock-requirements.audit.json
@@ -210,7 +210,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -401,6 +401,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/gyb-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/jenkins-job-builder-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/linode-cli-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/mvt-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/onlykey-agent-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
6 changes: 5 additions & 1 deletion audits/openai-whisper-requirements.audit.json
@@ -8,7 +8,7 @@
},
"vulnerabilities": [
{
"modified": "2023-10-26T14:47:11Z",
"modified": "2023-11-03T03:46:08Z",
"published": "2023-10-17T20:15:25Z",
"schema_version": "1.6.0",
"id": "GHSA-g4mx-q9vg-27p4",
@@ -199,6 +199,10 @@
"type": "WEB",
"url": "https://github.com/urllib3/urllib3/releases/tag/2.0.7"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/4R2Y5XK3WALSR3FNAGN7JBYV2B343ZKB/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/PPDPLM6UUMN55ESPQWJFLLIZY4ZKCNRX/"
4 changes: 2 additions & 2 deletions audits/pypy-requirements.audit.json
@@ -201,15 +201,15 @@
}
},
{
"modified": "2023-10-30T15:15:56Z",
"modified": "2023-11-02T21:26:55Z",
"published": "2023-10-25T18:32:26Z",
"schema_version": "1.6.0",
"id": "GHSA-mq26-g339-26xf",
"aliases": [
"CVE-2023-5752"
],
"summary": "Command Injection in pip when used with Mercurial",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.\n",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.",
"affected": [
{
"package": {
4 changes: 2 additions & 2 deletions audits/pypy3.10-requirements.audit.json
@@ -8,15 +8,15 @@
},
"vulnerabilities": [
{
"modified": "2023-10-30T15:15:56Z",
"modified": "2023-11-02T21:26:55Z",
"published": "2023-10-25T18:32:26Z",
"schema_version": "1.6.0",
"id": "GHSA-mq26-g339-26xf",
"aliases": [
"CVE-2023-5752"
],
"summary": "Command Injection in pip when used with Mercurial",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.\n",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.",
"affected": [
{
"package": {
4 changes: 2 additions & 2 deletions audits/pypy3.9-requirements.audit.json
@@ -8,15 +8,15 @@
},
"vulnerabilities": [
{
"modified": "2023-10-30T15:15:56Z",
"modified": "2023-11-02T21:26:55Z",
"published": "2023-10-25T18:32:26Z",
"schema_version": "1.6.0",
"id": "GHSA-mq26-g339-26xf",
"aliases": [
"CVE-2023-5752"
],
"summary": "Command Injection in pip when used with Mercurial",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.\n",
"details": "When installing a package from a Mercurial VCS URL, e.g. `pip install hg+...`, with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the `hg clone` call (e.g. `--config`). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.",
"affected": [
{
"package": {