Safety CI > kiwitcms/Kiwi

master

2 months, 1 week ago

80e63820

Update psycopg from 3.2.1 to 3.2.2

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

master

2 months, 1 week ago

e61c91b3

Update selenium from 4.23.1 to 4.24.0

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

master

2 months, 1 week ago

3e1a7624

Bump eslint-plugin-import from 2.29.1 to 2.30.0 in /tcms Bumps [eslint-plugin-import](https://githu

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

update_django

2 months, 1 week ago

ac34f9c0

Update Django from 5.0.8 to 5.0.9

No dependencies with known security vulnerabilities.

dependabot/pip/psycopg-binary--3.2.2

2 months, 1 week ago

67e4a2f6

Bump psycopg[binary] from 3.2.1 to 3.2.2 Bumps [psycopg[binary]](https://github.com/psycopg/psycopg

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

dependabot/pip/python-gitlab-4.11.1

2 months, 1 week ago

eb0187c3

Bump python-gitlab from 4.9.0 to 4.11.1 Bumps [python-gitlab](https://github.com/python-gitlab/pyth

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

pyup-update-psycopg-3.2.1-to-3.2.2

2 months, 1 week ago

888a6c71

Update psycopg from 3.2.1 to 3.2.2

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

pyup-update-python-gitlab-4.9.0-to-4.11.1

2 months, 1 week ago

4815502b

Update python-gitlab from 4.9.0 to 4.11.1

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

dependabot/npm_and_yarn/tcms/eslint-plugin-import-2.30.0

2 months, 2 weeks ago

fe331f6e

Bump eslint-plugin-import from 2.29.1 to 2.30.0 in /tcms Bumps [eslint-plugin-import](https://githu

Django 5.0.8 has known security vulnerabilities.

Package	Installed	Affected	Info
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.
Django	5.0.8	<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1	show A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

Package

Installed

Affected

Info

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.

Django

5.0.8

<4.2.16 , >=5.0a1,<5.0.9 , >=5.1a1,<5.1.1

show

A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.

dependabot/pip/django-5.1.1

2 months, 2 weeks ago

2ae05f29

Bump django from 5.0.8 to 5.1.1 Bumps [django](https://github.com/django/django) from 5.0.8 to 5.1.

No dependencies with known security vulnerabilities.

pyup-update-django-5.0.8-to-5.1.1

2 months, 3 weeks ago

c3d1e882

Update django from 5.0.8 to 5.1.1

No dependencies with known security vulnerabilities.

pyup-update-selenium-4.23.1-to-4.24.0

2 months, 3 weeks ago

5fa60874

Update selenium from 4.23.1 to 4.24.0

No dependencies with known security vulnerabilities.

dependabot/pip/python-gitlab-4.10.0

2 months, 4 weeks ago

fbb3ad15

Bump python-gitlab from 4.9.0 to 4.10.0 Bumps [python-gitlab](https://github.com/python-gitlab/pyth

No dependencies with known security vulnerabilities.

pyup-update-python-gitlab-4.9.0-to-4.10.0

2 months, 4 weeks ago

40ac1776

Update python-gitlab from 4.9.0 to 4.10.0

No dependencies with known security vulnerabilities.

dependabot/pip/pygithub-2.4.0

2 months, 4 weeks ago

924afe46

Bump pygithub from 2.3.0 to 2.4.0 Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.3.0

No dependencies with known security vulnerabilities.