Package | Installed | Affected | Info |
---|---|---|---|
idna | 2.8 | <3.7 |
show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
zipp | 3.1.0 | <3.19.1 |
show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 2.8 | <3.7 |
show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
zipp | 3.1.0 | <3.19.1 |
show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 2.8 | <3.7 |
show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
zipp | 3.1.0 | <3.19.1 |
show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 2.8 | <3.7 |
show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
zipp | 3.1.0 | <3.19.1 |
show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 2.8 | <3.7 |
show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
zipp | 3.1.0 | <3.19.1 |
show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 2.8 | <3.7 |
show Affected versions of Idna are vulnerable to Denial Of Service via the idna.encode(), where a specially crafted argument could lead to significant resource consumption. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
zipp | 3.1.0 | <3.19.1 |
show A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. |
black | 22.3.0 | <24.3.0 |
show Affected versions of Black are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. |
Package | Installed | Affected | Info |
---|---|---|---|
black | 22.3.0 | <24.3.0 |
show Affected versions of Black are vulnerable to Regular Expression Denial of Service (ReDoS) via the lines_with_leading_tabs_expanded function in the strings.py file. An attacker could exploit this vulnerability by crafting a malicious input that causes a denial of service. |
https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg
[![Python 3](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg)](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/)
.. image:: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg :target: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/ :alt: Python 3
<a href="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/"><img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg" alt="Python 3" /></a>
!https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg(Python 3)!:https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/
{<img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg" alt="Python 3" />}[https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/]
https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg
[![Updates](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg)](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/)
.. image:: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg :target: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/ :alt: Updates
<a href="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/"><img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg" alt="Updates" /></a>
!https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg(Updates)!:https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/
{<img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg" alt="Updates" />}[https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/]