Package | Installed | Affected | Info |
---|---|---|---|
certifi | 2022.12.7 | >=2021.05.30,<2024.07.04 |
show Certifi affected versions recognized root certificates from GLOBALTRUST. Certifi patch removes these root certificates from the root store. These certificates are being removed pursuant to an investigation that identified "long-running and unresolved compliance issues" and are also in the process of being removed from Mozilla's trust store. |
certifi | 2022.12.7 | >=2015.04.28,<2023.07.22 |
show Certifi 2023.07.22 includes a fix for CVE-2023-37920: Certifi prior to version 2023.07.22 recognizes "e-Tugra" root certificates. e-Tugra's root certificates were subject to an investigation prompted by reporting of security issues in their systems. Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7 |
Package | Installed | Affected | Info |
---|---|---|---|
py | 1.11.0 | <=1.11.0 |
show ** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287 |
fastapi | 0.90.0 | <=0.109.0 |
show Fastapi 0.109.1 updates its minimum version of 'python-multipart' to >=0.0.7 to include a security fix. |
fastapi | 0.90.0 | <0.92.0 |
show Fastapi 0.92.0 updates its dependency 'Starlette' to v0.25.0 to include a security fix. |
fastapi | 0.90.0 | <0.109.1 |
show FastAPI 0.109.1 addresses a critical security issue by upgrading its dependency python-multipart to version >=0.0.7. The upgrade mitigates a Regular Expression Denial of Service (ReDoS) vulnerability, which occurs when parsing form data. https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389 |
fastapi | 0.90.0 | <0.95.2 |
show Fastapi 0.95.2 updates its dependency 'Starlette' to versions '>=0.27.0' to include a security fix. |
Package | Installed | Affected | Info |
---|---|---|---|
py | 1.11.0 | <=1.11.0 |
show ** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287 |
fastapi | 0.72.0 | <0.75.2 |
show Fastapi 0.75.2 updates its NPM dependency 'swagger-ui' to include security fixes. |
fastapi | 0.72.0 | <=0.109.0 |
show Fastapi 0.109.1 updates its minimum version of 'python-multipart' to >=0.0.7 to include a security fix. |
fastapi | 0.72.0 | <0.92.0 |
show Fastapi 0.92.0 updates its dependency 'Starlette' to v0.25.0 to include a security fix. |
fastapi | 0.72.0 | <0.75.2 |
show Fastapi 0.75.2 updates its dependency 'ujson' ranges to include a security fix. |
fastapi | 0.72.0 | <0.75.2 |
show Fastapi 0.75.2 updates its NPM dependency 'swagger-ui' to include security fixes. |
fastapi | 0.72.0 | <0.109.1 |
show FastAPI 0.109.1 addresses a critical security issue by upgrading its dependency python-multipart to version >=0.0.7. The upgrade mitigates a Regular Expression Denial of Service (ReDoS) vulnerability, which occurs when parsing form data. https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389 |
fastapi | 0.72.0 | <0.95.2 |
show Fastapi 0.95.2 updates its dependency 'Starlette' to versions '>=0.27.0' to include a security fix. |
Package | Installed | Affected | Info |
---|---|---|---|
py | 1.11.0 | <=1.11.0 |
show ** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287 |
Package | Installed | Affected | Info |
---|---|---|---|
py | 1.11.0 | <=1.11.0 |
show ** DISPUTED ** Py throughout 1.11.0 allows remote attackers to conduct a ReDoS (Regular expression Denial of Service) attack via a Subversion repository with crafted info data because the InfoSvnCommand argument is mishandled. https://github.com/pytest-dev/py/issues/287 |
https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg
[![Python 3](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg)](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/)
.. image:: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg :target: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/ :alt: Python 3
<a href="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/"><img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg" alt="Python 3" /></a>
!https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg(Python 3)!:https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/
{<img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/python-3-shield.svg" alt="Python 3" />}[https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/]
https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg
[![Updates](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg)](https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/)
.. image:: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg :target: https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/ :alt: Updates
<a href="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/"><img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg" alt="Updates" /></a>
!https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg(Updates)!:https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/
{<img src="https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/shield.svg" alt="Updates" />}[https://pyup.io/repos/github/h0rn3t/fastapi-async-sqlalchemy/]