Safety CI > SafPlusPlus/rcsh

pyup-update-pip-21.1.2-to-24.2

7 months, 2 weeks ago

cf0e327e

Update pip from 21.1.2 to 24.2

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-pip-21.1.2-to-24.1.2

8 months, 1 week ago

51d836e3

Update pip from 21.1.2 to 24.1.2

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-pip-21.1.2-to-24.1.1

8 months, 2 weeks ago

947d48ee

Update pip from 21.1.2 to 24.1.1

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-pip-21.1.2-to-24.1

8 months, 3 weeks ago

8ed9a3dd

Update pip from 21.1.2 to 24.1

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-wheel-0.29.0-to-0.43.0

1 year ago

800fb007

Update wheel from 0.29.0 to 0.43.0

pip 21.1.2 has known security vulnerabilities.

Package	Installed	Affected	Info
pip	21.1.2	<23.3	show Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.
pip	21.1.2	<25.0	show Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Package

Installed

Affected

Info

pip

21.1.2

<23.3

show

Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.

pip

21.1.2

<25.0

show

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

pyup-update-pip-21.1.2-to-24.0

1 year, 1 month ago

7f404c3a

Update pip from 21.1.2 to 24.0

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-pip-21.1.2-to-23.3.2

1 year, 2 months ago

d5d2b026

Update pip from 21.1.2 to 23.3.2

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-wheel-0.29.0-to-0.42.0

1 year, 3 months ago

0be26792

Update wheel from 0.29.0 to 0.42.0

pip 21.1.2 has known security vulnerabilities.

Package	Installed	Affected	Info
pip	21.1.2	<23.3	show Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.
pip	21.1.2	<25.0	show Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Package

Installed

Affected

Info

pip

21.1.2

<23.3

show

Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.

pip

21.1.2

<25.0

show

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

pyup-update-wheel-0.29.0-to-0.41.3

1 year, 4 months ago

a97b585c

Update wheel from 0.29.0 to 0.41.3

pip 21.1.2 has known security vulnerabilities.

Package	Installed	Affected	Info
pip	21.1.2	<23.3	show Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.
pip	21.1.2	<25.0	show Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

Package

Installed

Affected

Info

pip

21.1.2

<23.3

show

Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.

pip

21.1.2

<25.0

show

Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.

pyup-update-pip-21.1.2-to-23.3.1

1 year, 4 months ago

e38e8ec3

Update pip from 21.1.2 to 23.3.1

wheel 0.29.0 has known security vulnerabilities.

Package	Installed	Affected	Info
wheel	0.29.0	<0.38.1	show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Package

Installed

Affected

Info

wheel

0.29.0

<0.38.1

show

Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

pyup-update-wheel-0.29.0-to-0.41.2

1 year, 6 months ago

88ed0894

Update wheel from 0.29.0 to 0.41.2

No dependencies with known security vulnerabilities.

pyup-update-wheel-0.29.0-to-0.41.1

1 year, 7 months ago

20e11928

Update wheel from 0.29.0 to 0.41.1

No dependencies with known security vulnerabilities.

pyup-update-wheel-0.29.0-to-0.41.0

1 year, 7 months ago

fba130ae

Update wheel from 0.29.0 to 0.41.0

No dependencies with known security vulnerabilities.

pyup-update-wheel-0.29.0-to-0.40.0

1 year, 12 months ago

3cade463

Update wheel from 0.29.0 to 0.40.0

No dependencies with known security vulnerabilities.

pyup-update-wheel-0.29.0-to-0.38.4

2 years, 4 months ago

8b878310

Update wheel from 0.29.0 to 0.38.4

No dependencies with known security vulnerabilities.