Package | Installed | Affected | Info |
---|---|---|---|
click | 7.0 | <8.0.0 | Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
Sphinx | 3.0.4 | <3.3.0 | Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
Sphinx | 3.0.4 | <3.3.0 | Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
pytest-runner | 6.0.0 | >0 | Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 | Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 | OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 | The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |

Package | Installed | Affected | Info |
---|---|---|---|
click | 7.0 | <8.0.0 | Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
wheel | 0.33.6 | <0.38.1 | Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
pytest-runner | 6.0.0 | >0 | Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 | Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 | OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 | The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |

Package | Installed | Affected | Info |
---|---|---|---|
wheel | 0.33.6 | <0.38.1 | Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
Sphinx | 3.0.4 | <3.3.0 | Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
Sphinx | 3.0.4 | <3.3.0 | Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
pytest-runner | 6.0.0 | >0 | Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 | Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 | Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 | OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 | Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 | The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |

Package | Installed | Affected | Info |
---|---|---|---|
click | 7.0 | <8.0.0 | Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
wheel | 0.33.6 | <0.38.1 | Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
Sphinx | 3.0.4 | <3.3.0 | Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory. https://github.com/sphinx-doc/sphinx/issues/8175 https://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2 |
Sphinx | 3.0.4 | <3.3.0 | Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring. https://github.com/sphinx-doc/sphinx/issues/8172 https://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417 |
pytest-runner | 6.0.0 | >0 | Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
Package | Installed | Affected | Info |
---|---|---|---|
click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
Package | Installed | Affected | Info |
---|---|---|---|
wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
Package | Installed | Affected | Info |
---|---|---|---|
wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
Package | Installed | Affected | Info |
---|---|---|---|
wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |
Package | Installed | Affected | Info |
---|---|---|---|
click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
Package | Installed | Affected | Info |
---|---|---|---|
click | 7.0 | <8.0.0 |
show Click 8.0.0 uses 'mkstemp()' instead of the deprecated & insecure 'mktemp()'. https://github.com/pallets/click/issues/1752 |
wheel | 0.33.6 | <0.38.1 |
show Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages |
pytest-runner | 6.0.0 | >0 |
show Pytest-runner depends on deprecated features of setuptools and relies on features that break security mechanisms in pip. For example ‘setup_requires’ and ‘tests_require’ bypass pip --require-hashes. See also pypa/setuptools#1684. It is recommended that you: - Remove 'pytest-runner' from your setup_requires, preferably removing the setup_requires option. - Remove 'pytest' and any other testing requirements from tests_require, preferably removing the tests_requires option. - Select a tool to bootstrap and then run tests such as tox. https://github.com/pytest-dev/pytest-runner/blob/289a77b179535d8137118e3b8591d9e727130d6d/README.rst |
opencv-python | 4.2.0.32 | >=3.4.9.31,<4.8.1.78 |
show Opencv-python 4.8.1.78 updates its bundled dependency 'libwebp' to include a fix for a high risk vulnerability. Only mac OS X wheels on PyPI were affected. https://github.com/opencv/opencv-python/releases/tag/78 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'zlib' to v1.2.13 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its C dependency 'FFmpeg' to v5.1.2 to include a security fix. |
opencv-python | 4.2.0.32 | <4.7.0 |
show Opencv-python 4.7.0 updates its dependency 'OpenSSL' to v1.1.1s to include security fixes. |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes. |
opencv-python | 4.2.0.32 | <4.7.0 |
show OpenCV's wechat_qrcode module, specifically versions up to 4.7.0, has a significant vulnerability affecting the DecodedBitStreamParser::decodeHanziSegment function within the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability can cause a memory leak. The potential attack can be executed remotely. To rectify this issue, it's advisable to apply a patch named 2b62ff6181163eea029ed1cab11363b4996e9cd6. https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6 |
opencv-python | 4.2.0.32 | <3.4.18 , >=4.0.0,<4.6.0 |
show Opencv-python 3.4.18 and 4.6.0 pin its dependency 'freetype' to v2.12.1 to include a security fix. |
opencv-python | 4.2.0.32 | <= 4.7.0 |
show The OpenCV wechat_qrcode module, versions up to 4.7.0, contains a critical vulnerability affecting the DecodedBitStreamParser::decodeByteSegment function in the qrcode/decoder/decoded_bit_stream_parser.cpp file. This vulnerability, if exploited, could lead to a null pointer dereference. Attackers can potentially launch this attack remotely. https://github.com/opencv/opencv_contrib/pull/3480 |