Safety CI > sintefneodroid/neo

snyk-fix-39e0cf8348bf1e7e7aee5771acfbd8c5

3 weeks, 6 days ago

b9cf7db7

fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning

Server Error.

develop

4 weeks ago

ddd2e0fe

pre-commit

Server Error.

develop

4 weeks ago

1c7ca7d4

pre-commit

Server Error.

pre-commit-ci-update-config

1 month, 2 weeks ago

724fb734

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

Server Error.

snyk-fix-4f554e68b495e7c628453fc80d8d7742

2 months, 3 weeks ago

fdc39996

fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning

Server Error.

pre-commit-ci-update-config

2 months, 4 weeks ago

f5070419

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

Server Error.

pre-commit-ci-update-config

3 months, 3 weeks ago

a861b429

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

Server Error.

pre-commit-ci-update-config

5 months ago

7e497799

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

Server Error.

pre-commit-ci-update-config

5 months, 2 weeks ago

d9c9d92b

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

Server Error.

pre-commit-ci-update-config

1 year, 1 month ago

cecdf3fc

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

Server Error.

pre-commit-ci-update-config

1 year, 5 months ago

bdd85356

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

kivy 2.3.0 has known security vulnerabilities.

Package	Installed	Affected	Info
kivy	2.3.0	<2023.05.21	show Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729. https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

Package

Installed

Affected

Info

kivy

2.3.0

<2023.05.21

show

Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729.
https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

pre-commit-ci-update-config

1 year, 7 months ago

c68089e4

[pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.c

kivy 2.3.0 has known security vulnerabilities.

Package	Installed	Affected	Info
kivy	2.3.0	<2023.05.21	show Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729. https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

Package

Installed

Affected

Info

kivy

2.3.0

<2023.05.21

show

Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729.
https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

pre-commit-ci-update-config

1 year, 7 months ago

2d914f91

[pre-commit.ci] pre-commit autoupdate updates: - https://github.com/ambv/black → https://github.com

kivy 2.3.0 has known security vulnerabilities.

Package	Installed	Affected	Info
kivy	2.3.0	<2023.05.21	show Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729. https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

Package

Installed

Affected

Info

kivy

2.3.0

<2023.05.21

show

Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729.
https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

snyk-fix-39e0cf8348bf1e7e7aee5771acfbd8c5

1 year, 7 months ago

daf6ada8

fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning

kivy 2.3.0 has known security vulnerabilities.

Package	Installed	Affected	Info
kivy	2.3.0	<2023.05.21	show Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729. https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

Package

Installed

Affected

Info

kivy

2.3.0

<2023.05.21

show

Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729.
https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7

pre-commit-ci-update-config

1 year, 10 months ago

5a820c79

[pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.c

pip 24.0 and kivy 2.3.0 have known security vulnerabilities.

Package	Installed	Affected	Info
pip	24.0	<25.2	show Affected versions of the pip package are vulnerable to Arbitrary File Overwrite due to improper validation of symbolic link targets in the fallback tar extraction code. In src/pip/_internal/utils/unpacking.py, the _untar_without_filter routine used when the Python tarfile module lacks PEP 706 (no tarfile.data_filter) extracted symlink members with tar._extract_member without verifying that link destinations resolve under the extraction root, a check later added via the is_symlink_target_in_tar helper.
pip	24.0	<26.0	show Affected versions of the pip package are vulnerable to Path Traversal due to an incorrect directory containment check when extracting wheel archives. In src/pip/_internal/utils/unpacking.py, the is_within_directory() helper used os.path.commonprefix() (character-by-character) to compare directory and target paths, allowing crafted paths like a parent-directory substring match to be treated as safely inside the installation directory.
pip	24.0	<25.0	show Pip solves a security vulnerability that previously allowed maliciously crafted wheel files to execute unauthorized code during installation.
kivy	2.3.0	<2023.05.21	show Kivy 2023.05.21 upgrades its grunt version to be greater than or equal to 1.3.0 carried out in response to the vulnerability addressed in CVE-2020-7729. https://github.com/kivy/python-for-android/pull/2484/commits/f21f9f16bb62a123d7f8000e9a8743f07f5667b7