Package | Installed | Affected | Info |
---|---|---|---|
black | 23.1.0 | <24.3.0 |
show Black before 24.3.0 have a security vulnerability where specific code formatting patterns could lead to arbitrary code execution. This issue arises from the unsafe handling of AST nodes, potentially allowing an attacker to execute code when Black formats a maliciously crafted Python file. https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 |
Package | Installed | Affected | Info |
---|---|---|---|
black | 23.1.0 | <24.3.0 |
show Black before 24.3.0 have a security vulnerability where specific code formatting patterns could lead to arbitrary code execution. This issue arises from the unsafe handling of AST nodes, potentially allowing an attacker to execute code when Black formats a maliciously crafted Python file. https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 3.6 | <3.7 |
show CVE-2024-3651 impacts the idna.encode() function, where a specially crafted argument could lead to significant resource consumption, causing a denial-of-service. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
black | 23.1.0 | <24.3.0 |
show Black before 24.3.0 have a security vulnerability where specific code formatting patterns could lead to arbitrary code execution. This issue arises from the unsafe handling of AST nodes, potentially allowing an attacker to execute code when Black formats a maliciously crafted Python file. https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 |
Package | Installed | Affected | Info |
---|---|---|---|
black | 23.1.0 | <24.3.0 |
show Black before 24.3.0 have a security vulnerability where specific code formatting patterns could lead to arbitrary code execution. This issue arises from the unsafe handling of AST nodes, potentially allowing an attacker to execute code when Black formats a maliciously crafted Python file. https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 |
Package | Installed | Affected | Info |
---|---|---|---|
black | 23.1.0 | <24.3.0 |
show Black before 24.3.0 have a security vulnerability where specific code formatting patterns could lead to arbitrary code execution. This issue arises from the unsafe handling of AST nodes, potentially allowing an attacker to execute code when Black formats a maliciously crafted Python file. https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 |
Package | Installed | Affected | Info |
---|---|---|---|
idna | 3.6 | <3.7 |
show CVE-2024-3651 impacts the idna.encode() function, where a specially crafted argument could lead to significant resource consumption, causing a denial-of-service. In version 3.7, this function has been updated to reject such inputs efficiently, minimizing resource use. A practical workaround involves enforcing a maximum domain name length of 253 characters before encoding, as the vulnerability is triggered by unusually large inputs that normal operations wouldn't encounter. |
black | 23.1.0 | <24.3.0 |
show Black before 24.3.0 have a security vulnerability where specific code formatting patterns could lead to arbitrary code execution. This issue arises from the unsafe handling of AST nodes, potentially allowing an attacker to execute code when Black formats a maliciously crafted Python file. https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8 |
https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/python-3-shield.svg
[![Python 3](https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/python-3-shield.svg)](https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/)
.. image:: https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/python-3-shield.svg :target: https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/ :alt: Python 3
<a href="https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/"><img src="https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg" alt="Python 3" /></a>
!https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/python-3-shield.svg(Python 3)!:https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/
{<img src="https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/python-3-shield.svg" alt="Python 3" />}[https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/]
https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg
[![Updates](https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg)](https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/)
.. image:: https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg :target: https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/ :alt: Updates
<a href="https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/"><img src="https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg" alt="Updates" /></a>
!https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg(Updates)!:https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/
{<img src="https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/shield.svg" alt="Updates" />}[https://pyup.io/repos/github/py-smart-gardena/py-smart-gardena/]