Safety CI > h0rn3t/fastapi-async-sqlalchemy

main-sessions

3 days, 11 hours ago

de528f85

"refactor multi_sessions: introduce TaskSessionManager for improved session reuse and cleanup; updat

No dependencies with known security vulnerabilities.

multi_sessions_wip-2

4 days, 21 hours ago

545e4a88

"enhance multi_sessions handling; add task-scoped session reuse and cleanup logic; improve README wi

No dependencies with known security vulnerabilities.

main

6 months, 3 weeks ago

a76b7bb6

fix import create_middleware_and_session_proxy

No dependencies with known security vulnerabilities.

main

9 months, 3 weeks ago

5b365464

Merge pull request #24 from h0rn3t/multi_sessions_wip WIP: multi_sessions

No dependencies with known security vulnerabilities.

multi_sessions_wip

9 months, 3 weeks ago

955f538f

WIP: multi_sessions

No dependencies with known security vulnerabilities.

main

9 months, 3 weeks ago

1b0b5a51

Merge pull request #23 from h0rn3t/multi_sessions_wip WIP: multi_sessions

No dependencies with known security vulnerabilities.

multi_sessions_wip

9 months, 3 weeks ago

0c74aaf2

WIP: multi_sessions

No dependencies with known security vulnerabilities.

main

9 months, 3 weeks ago

083197a0

Merge pull request #22 from h0rn3t/task-local-sessions Task local sessions

No dependencies with known security vulnerabilities.

task-local-sessions

9 months, 3 weeks ago

83d7bef8

fixes mypy

No dependencies with known security vulnerabilities.

task-local-sessions

9 months, 3 weeks ago

65ed17a3

fixes mypy

No dependencies with known security vulnerabilities.

task-local-sessions

9 months, 3 weeks ago

a657d8f2

fixes mypy

No dependencies with known security vulnerabilities.

task-local-sessions

9 months, 3 weeks ago

aafe26b5

fixes mypy

No dependencies with known security vulnerabilities.

task-local-sessions

9 months, 3 weeks ago

5c9f01fa

fixes mypy

idna 2.8 and zipp 3.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
idna	2.8	<3.7	show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.
zipp	3.1.0	<3.19.1	show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding.

Package

Installed

Affected

Info

idna

2.8

<3.7

show

Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.

zipp

3.1.0

<3.19.1

show

A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding.

task-local-sessions

9 months, 3 weeks ago

cb081f1e

fixes mypy

idna 2.8 and zipp 3.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
idna	2.8	<3.7	show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.
zipp	3.1.0	<3.19.1	show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding.

Package

Installed

Affected

Info

idna

2.8

<3.7

show

Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.

zipp

3.1.0

<3.19.1

show

A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding.

task-local-sessions

9 months, 3 weeks ago

cb29f3e6

added test_multi_sessions

idna 2.8 and zipp 3.1.0 have known security vulnerabilities.

Package	Installed	Affected	Info
idna	2.8	<3.7	show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.
zipp	3.1.0	<3.19.1	show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding.

Package

Installed

Affected

Info

idna

2.8

<3.7

show

Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter.

zipp

3.1.0

<3.19.1

show

A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding.