Workflow

PyPi: Tomcatmanager

CVE-2020-10735

Transitive

Safety vulnerability ID: 42744

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Sep 09, 2022 Updated at Dec 03, 2023
Scan your Python projects for vulnerabilities →

Advisory

Tomcatmanager 5.0.0 removed support for Python 3.6, which will not receive more security updates after 2021-12-23.

Affected package

tomcatmanager

Latest version: 7.0.1

A command line tool and python library for managing a tomcat server.

Affected versions

Fixed versions

Vulnerability changelog

------------------

Added
^^^^^

- Support for Python 3.10
- Cross-reference links to Requests and standard library documentation

Removed
^^^^^^^

- Support for Python 3.6, which will not receive security fixes after 2021-12-23.
Python 3.6 should still work for now, but we no longer test against it.

Fixed
^^^^^

- `TomcatManager.is_connected()
<https://tomcatmanager.readthedocs.io/en/stable/api/TomcatManager.html#tomcatmanager.tomcat_manager.TomcatManager.is_connected>`__
now returns ``True`` or ``False`` instead of truthy or falsy values
- Fix interactive ``py`` and ``pyscript`` commands which were broken by upstream
changes in cmd2 version 2.0

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Availability (A)
HIGH