Safety CI > amor71/LiuAlgoTrader

pyup/scheduled-update-2022-11-14

2 years ago

01d61237

Update scipy from 1.9.1 to 1.9.3

py 1.11.0 has known security vulnerabilities.

Package

Installed

Affected

Info

py

1.11.0

<=1.11.0

show

** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled.
https://github.com/pytest-dev/py/issues/287

pyup/scheduled-update-2022-11-14

2 years ago

b2b6badc

Update fonttools from 4.37.1 to 4.38.0

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

f8d4f5a8

Update requests-toolbelt from 0.9.1 to 0.10.1

py 1.11.0 has known security vulnerabilities.

Package

Installed

Affected

Info

py

1.11.0

<=1.11.0

show

** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled.
https://github.com/pytest-dev/py/issues/287

pyup/scheduled-update-2022-11-14

2 years ago

edba1af8

Update finnhub-python from 2.4.14 to 2.4.15

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

5a7613d7

Update readme-renderer from 37.1 to 37.3

py 1.11.0 has known security vulnerabilities.

Package

Installed

Affected

Info

py

1.11.0

<=1.11.0

show

** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled.
https://github.com/pytest-dev/py/issues/287

pyup/scheduled-update-2022-11-14

2 years ago

de4828b3

Update executing from 1.0.0 to 1.2.0

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

e417a2fc

Update qtpy from 2.2.0 to 2.3.0

py 1.11.0 has known security vulnerabilities.

Package

Installed

Affected

Info

py

1.11.0

<=1.11.0

show

** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled.
https://github.com/pytest-dev/py/issues/287

pyup/scheduled-update-2022-11-14

2 years ago

3428a012

Update exchange-calendars from 4.2 to 4.2.3

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

faa84b90

Update finnhub-python from 2.4.14 to 2.4.15

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

27c507c8

Update coverage from 6.4.4 to 6.5.0

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

262367ef

Update colorama from 0.4.5 to 0.4.6

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

1677c7d3

Update charset-normalizer from 2.1.1 to 3.0.0

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

ec761ef1

Update autoflake from 1.5.3 to 1.7.7

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

e7067700

Update certifi from 2022.6.15.1 to 2022.9.24

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327

pyup/scheduled-update-2022-11-14

2 years ago

a0990982

Update black from 22.8.0 to 22.10.0

py 1.11.0 and joblib 1.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
py	1.11.0	<=1.11.0	show DISPUTED Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287
joblib	1.1.0	<1.2.0	show Affected versions of Joblib are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
joblib	1.1.0	<1.2.0	show Joblib 1.2.0 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327
joblib	1.1.0	<1.1.1	show Joblib 1.1.1 fixes a security issue where 'eval(pre_dispatch)' could potentially run arbitrary code. Now only basic numerics are supported. https://github.com/joblib/joblib/pull/1327