Safety CI > kiwitcms/Kiwi

dependabot/pip/uwsgi-2.0.27

2 months ago

3bbf3230

Bump uwsgi from 2.0.26 to 2.0.27 Bumps [uwsgi](https://uwsgi-docs.readthedocs.io/en/latest/) from 2

No dependencies with known security vulnerabilities.

pyup-update-uwsgi-2.0.26-to-2.0.27

2 months ago

45b45ba8

Update uwsgi from 2.0.26 to 2.0.27

No dependencies with known security vulnerabilities.

pyup-update-tzdata-2024.1-to-2024.2

2 months ago

4f71e8d5

Update tzdata from 2024.1 to 2024.2

No dependencies with known security vulnerabilities.

dependabot/npm_and_yarn/tcms/pdfmake-0.2.13

2 months ago

bffe6d86

Bump pdfmake from 0.2.12 to 0.2.13 in /tcms Bumps [pdfmake](https://github.com/bpampuch/pdfmake) fr

No dependencies with known security vulnerabilities.

pyup-update-selenium-4.24.0-to-4.25.0

2 months ago

8bbcbd80

Update selenium from 4.24.0 to 4.25.0

No dependencies with known security vulnerabilities.

master

2 months ago

8fd0a343

Bump eslint from 8.57.0 to 8.57.1 in /tcms Bumps [eslint](https://github.com/eslint/eslint) from 8.

No dependencies with known security vulnerabilities.

dependabot/npm_and_yarn/tcms/eslint-8.57.1

2 months, 1 week ago

35d3d756

Bump eslint from 8.57.0 to 8.57.1 in /tcms Bumps [eslint](https://github.com/eslint/eslint) from 8.

No dependencies with known security vulnerabilities.

dependabot/pip/django-5.1.1

2 months, 1 week ago

7733a41c

Bump django from 5.0.8 to 5.1.1 Bumps [django](https://github.com/django/django) from 5.0.8 to 5.1.

No dependencies with known security vulnerabilities.

master

2 months, 1 week ago

71acf1dc

Bump pygithub from 2.3.0 to 2.4.0 Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.3.0

No dependencies with known security vulnerabilities.

dependabot/pip/pygithub-2.4.0

2 months, 1 week ago

8d19947c

Bump pygithub from 2.3.0 to 2.4.0 Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.3.0

No dependencies with known security vulnerabilities.

pyup-update-django-5.0.9-to-5.1.1

2 months, 1 week ago

dca17c82

Update django from 5.0.9 to 5.1.1

No dependencies with known security vulnerabilities.

dependabot/pip/django-5.1.1

2 months, 1 week ago

a2f9c683

Bump django from 5.0.8 to 5.1.1 Bumps [django](https://github.com/django/django) from 5.0.8 to 5.1.

No dependencies with known security vulnerabilities.

master

2 months, 1 week ago

85ef926d

Update Django from 5.0.8 to 5.0.9

No dependencies with known security vulnerabilities.

dependabot/pip/pygithub-2.4.0

2 months, 1 week ago

69e11ee4

Bump pygithub from 2.3.0 to 2.4.0 Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.3.0

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

master

2 months, 1 week ago

5dee645c

Update python-gitlab from 4.9.0 to 4.11.1

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.