Safety CI > cookiecutter/cookiecutter-django

pyup-update-django-debug-toolbar-5.1.0-to-5.2.0

11 months, 2 weeks ago

973d98ec

Update django-debug-toolbar from 5.1.0 to 5.2.0

django-stubs 5.1.3 has known security vulnerabilities.

Package	Installed	Affected	Info
django-stubs	5.1.3	<5.2.0	show Affected versions of django-stubs are potentially vulnerable to Security Misconfiguration. The inclusion of type stubs for deprecated and insecure password hashers (MD5PasswordHasher, SHA1PasswordHasher, and CryptPasswordHasher) may inadvertently encourage their use in Django applications. This can lead to the storage of user passwords using weak hashing algorithms, making them susceptible to brute-force attacks.

Package

Installed

Affected

Info

django-stubs

5.1.3

<5.2.0

show

Affected versions of django-stubs are potentially vulnerable to Security Misconfiguration. The inclusion of type stubs for deprecated and insecure password hashers (MD5PasswordHasher, SHA1PasswordHasher, and CryptPasswordHasher) may inadvertently encourage their use in Django applications. This can lead to the storage of user passwords using weak hashing algorithms, making them susceptible to brute-force attacks.

dependabot/docker/{{cookiecutter.project_slug}}/compose/production/aws/amazon/aws-cli-2.27.3

11 months, 2 weeks ago

ca9f2a29

Bump amazon/aws-cli Bumps amazon/aws-cli from 2.25.0 to 2.27.3. --- updated-dependencies: - depend

django-stubs 5.1.3 has known security vulnerabilities.

Package	Installed	Affected	Info
django-stubs	5.1.3	<5.2.0	show Affected versions of django-stubs are potentially vulnerable to Security Misconfiguration. The inclusion of type stubs for deprecated and insecure password hashers (MD5PasswordHasher, SHA1PasswordHasher, and CryptPasswordHasher) may inadvertently encourage their use in Django applications. This can lead to the storage of user passwords using weak hashing algorithms, making them susceptible to brute-force attacks.

Package

Installed

Affected

Info

django-stubs

5.1.3

<5.2.0

show

Affected versions of django-stubs are potentially vulnerable to Security Misconfiguration. The inclusion of type stubs for deprecated and insecure password hashers (MD5PasswordHasher, SHA1PasswordHasher, and CryptPasswordHasher) may inadvertently encourage their use in Django applications. This can lead to the storage of user passwords using weak hashing algorithms, making them susceptible to brute-force attacks.

dependabot/docker/{{cookiecutter.project_slug}}/compose/production/aws/amazon/aws-cli-2.27.2

11 months, 2 weeks ago

a30811f4

Bump amazon/aws-cli Bumps amazon/aws-cli from 2.25.0 to 2.27.2. --- updated-dependencies: - depend