Safety vulnerability ID: 59506
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Jupyterlab-iframe 0.5.0 updates its dependencies 'ws' to version '7.4.6' to include a fix for a ReDoS vulnerability.
https://github.com/timkpaine/jupyterlab_iframe/pull/139
Latest version: 0.5.0
IFrame widgets for JupyterLab
What's Changed
* Update GHA by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/122
* use setup.py as cache file indicator by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/127
* Create dependabot.yml by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/128
* Bump moment from 2.29.1 to 2.29.3 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/124
* Bump nanoid from 3.1.30 to 3.3.4 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/123
* Bump minimist from 1.2.5 to 1.2.6 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/126
* Bump codecov/codecov-action from 2 to 3 by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/130
* Bump actions/checkout from 2 to 3 by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/129
* Bump url-parse from 1.5.3 to 1.5.10 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/125
* bump js deps by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/131
* Bump actions/setup-python from 3 to 4 by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/132
* move from notebook to jupyter_server, move code of conduct inside github folder by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/133
* Bump node-fetch from 2.6.6 to 2.6.7 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/134
* Bump EnricoMi/publish-unit-test-result-action from 1 to 2 by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/135
* Bump terser from 5.14.1 to 5.14.2 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/136
* Bump moment from 2.29.3 to 2.29.4 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/137
* add manual dispatch trigger to GitHub actions by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/138
* bump js deps for vulnerabilities by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/139
* Bump loader-utils from 1.4.0 to 1.4.2 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/141
* Bump http-cache-semantics from 4.1.0 to 4.1.1 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/142
* use nb server logging instead of print by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/143
* Bump webpack from 5.73.0 to 5.76.1 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/145
* Bump yaml from 2.2.1 to 2.2.2 in /js by dependabot in https://github.com/timkpaine/jupyterlab_iframe/pull/146
* bump to jupyterlab 4 by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/150
* Bump version: 0.4.4 → 0.5.0 by timkpaine in https://github.com/timkpaine/jupyterlab_iframe/pull/151
**Full Changelog**: https://github.com/timkpaine/jupyterlab_iframe/compare/v0.4.4...v0.5.0
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application