pyup-update-wheel-0.33.6-to-0.41.2
8 months ago
Update wheel from 0.33.6 to 0.41.2
click 7.0, Sphinx 3.0.4 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-sphinx-3.0.4-to-7.2.2
8 months ago
Update sphinx from 3.0.4 to 7.2.2
click 7.0, wheel 0.33.6 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-click-7.0-to-8.1.7
8 months ago
Update click from 7.0 to 8.1.7
wheel 0.33.6, Sphinx 3.0.4 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-sphinx-3.0.4-to-7.2.1
8 months ago
Update sphinx from 3.0.4 to 7.2.1
click 7.0, wheel 0.33.6 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-opencv-python-4.2.0.32-to-4.8.0.76
8 months, 1 week ago
Update opencv-python from 4.2.0.32 to 4.8.0.76
click 7.0, wheel 0.33.6, Sphinx 3.0.4 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
pyup-update-wheel-0.33.6-to-0.41.1
8 months, 2 weeks ago
Update wheel from 0.33.6 to 0.41.1
click 7.0, Sphinx 3.0.4 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
| Sphinx | 3.0.4 | <3.3.0 |
show Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-sphinx-3.0.4-to-7.1.2
8 months, 2 weeks ago
Update sphinx from 3.0.4 to 7.1.2
click 7.0, wheel 0.33.6 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-sphinx-3.0.4-to-7.1.1
8 months, 3 weeks ago
Update sphinx from 3.0.4 to 7.1.1
click 7.0, wheel 0.33.6 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-sphinx-3.0.4-to-7.1.0
8 months, 4 weeks ago
Update sphinx from 3.0.4 to 7.1.0
click 7.0, wheel 0.33.6 and 3 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-wheel-0.33.6-to-0.41.0
9 months ago
Update wheel from 0.33.6 to 0.41.0
click 7.0, pandas 0.25.3 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-click-7.0-to-8.1.6
9 months ago
Update click from 7.0 to 8.1.6
wheel 0.33.6, pandas 0.25.3 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-click-7.0-to-8.1.5
9 months, 1 week ago
Update click from 7.0 to 8.1.5
wheel 0.33.6, pandas 0.25.3 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-click-7.0-to-8.1.4
9 months, 2 weeks ago
Update click from 7.0 to 8.1.4
wheel 0.33.6, pandas 0.25.3 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
pyup-update-opencv-python-4.2.0.32-to-4.8.0.74
9 months, 3 weeks ago
Update opencv-python from 4.2.0.32 to 4.8.0.74
click 7.0, wheel 0.33.6 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
pyup-update-pandas-0.25.3-to-2.0.3
9 months, 3 weeks ago
Update pandas from 0.25.3 to 2.0.3
click 7.0, wheel 0.33.6 and 2 other dependencies have known security vulnerabilities.
| Package | Installed | Affected | Info |
|---|---|---|---|
| click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
| wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
| pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
| opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
| opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
| opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
| opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
Python 3 badge
URL
https://pyup.io/repos/github/robertopreste/mitoviz/python-3-shield.svg
Markdown
[](https://pyup.io/repos/github/robertopreste/mitoviz/)
Restructured Text
.. image:: https://pyup.io/repos/github/robertopreste/mitoviz/python-3-shield.svg
:target: https://pyup.io/repos/github/robertopreste/mitoviz/
:alt: Python 3
HTML
<a href="https://pyup.io/repos/github/robertopreste/mitoviz/"><img src="https://pyup.io/repos/github/robertopreste/mitoviz/shield.svg" alt="Python 3" /></a>
Textile
!https://pyup.io/repos/github/robertopreste/mitoviz/python-3-shield.svg(Python 3)!:https://pyup.io/repos/github/robertopreste/mitoviz/
RDoc
{<img src="https://pyup.io/repos/github/robertopreste/mitoviz/python-3-shield.svg" alt="Python 3" />}[https://pyup.io/repos/github/robertopreste/mitoviz/]
pyup.io badge
URL
https://pyup.io/repos/github/robertopreste/mitoviz/shield.svg
Markdown
[](https://pyup.io/repos/github/robertopreste/mitoviz/)
Restructured Text
.. image:: https://pyup.io/repos/github/robertopreste/mitoviz/shield.svg
:target: https://pyup.io/repos/github/robertopreste/mitoviz/
:alt: Updates
HTML
<a href="https://pyup.io/repos/github/robertopreste/mitoviz/"><img src="https://pyup.io/repos/github/robertopreste/mitoviz/shield.svg" alt="Updates" /></a>
Textile
!https://pyup.io/repos/github/robertopreste/mitoviz/shield.svg(Updates)!:https://pyup.io/repos/github/robertopreste/mitoviz/
RDoc
{<img src="https://pyup.io/repos/github/robertopreste/mitoviz/shield.svg" alt="Updates" />}[https://pyup.io/repos/github/robertopreste/mitoviz/]