Product Research Enterprise Plans Docs

PyPi: Osxphotos

CVE-2022-40897

Transitive

Safety vulnerability ID: 52817

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Dec 23, 2022 Updated at Mar 31, 2024

Scan your Python projects for vulnerabilities →

Advisory

Osxphotos 0.56.0 updates its dependency 'setuptools' to v65.5.1 to include a security fix.

Affected package

osxphotos

Latest version: 0.67.10

Export photos from Apple's macOS Photos app and query the Photos library database to access metadata about images.

Affected versions

Fixed versions

Vulnerability changelog

- Added --profile, --watch, --breakpoint, --debug as global options [`917`](https://github.com/RhetTbull/osxphotos/pull/917)
- add oPromessa as a contributor for code [`914`](https://github.com/RhetTbull/osxphotos/pull/914)
- Added --incloud, --not-incloud, --not-missing, --cloudasset, --not-cloudasset to query options, 800 [`902`](https://github.com/RhetTbull/osxphotos/pull/902)
- Added PhotoInfo.fingerprint 900 [`901`](https://github.com/RhetTbull/osxphotos/pull/901)
- add johnsturgeon as a contributor for bug, and doc [`898`](https://github.com/RhetTbull/osxphotos/pull/898)
- add qkeddy as a contributor for ideas, and data [`895`](https://github.com/RhetTbull/osxphotos/pull/895)
- Fixed API docs and added example, 897 [`8b72374`](https://github.com/RhetTbull/osxphotos/commit/8b72374001caae6449f1000cf9d38250d84fedbe)
- Added .gitattributes [`1f7480a`](https://github.com/RhetTbull/osxphotos/commit/1f7480a9b9047316adecbfd9523cbb3ef101f82a)

[v0.55.7](https://github.com/RhetTbull/osxphotos/compare/v0.55.6...v0.55.7)

> 1 January 2023

- Release files for 0.55.7 [`894`](https://github.com/RhetTbull/osxphotos/pull/894)
- Fix for incorrect path for shared photos on Ventura, 883 [`893`](https://github.com/RhetTbull/osxphotos/pull/893)

[v0.55.6](https://github.com/RhetTbull/osxphotos/compare/v0.55.5...v0.55.6)

> 30 December 2022

- Added Quicktime:ContentCreateDate to photo exporter 890 [`891`](https://github.com/RhetTbull/osxphotos/pull/891)
- Use "QuickTime:ContentCreateDate" [`888`](https://github.com/RhetTbull/osxphotos/pull/888)
- add PetrochukM as a contributor for bug, and code [`889`](https://github.com/RhetTbull/osxphotos/pull/889)
- Release files [`1d5b51d`](https://github.com/RhetTbull/osxphotos/commit/1d5b51dd3d027ed80367954381cfe7d1b1e514ec)
- Added examples for finding / fixing bad extensions, 382, 336 [`00481d3`](https://github.com/RhetTbull/osxphotos/commit/00481d3623885eb6ff30d895cc32e5cfc3f16076)
- Version bump for release [`c091a0b`](https://github.com/RhetTbull/osxphotos/commit/c091a0b6c10feabb4165bf244041d8c9a0e8ff89)
- Fixed color output for find_bad_extensions.py [`a6cce9e`](https://github.com/RhetTbull/osxphotos/commit/a6cce9ef659c8d70eb3426a5c2d220edb29eafcb)
- Added about string to kvstore [`d518ca5`](https://github.com/RhetTbull/osxphotos/commit/d518ca5d5d6a0613b73dd087ad9bbc548da78af1)

[v0.55.5](https://github.com/RhetTbull/osxphotos/compare/v0.55.3...v0.55.5)

> 24 December 2022

- Handle "Z" as EXIF offset time [`881`](https://github.com/RhetTbull/osxphotos/pull/881)
- add fmckeogh as a contributor for code, and bug [`882`](https://github.com/RhetTbull/osxphotos/pull/882)
- Version bump for release [`5f29870`](https://github.com/RhetTbull/osxphotos/commit/5f298709d7d87f00d0abf6401a6cb101a7ebe630)

[v0.55.3](https://github.com/RhetTbull/osxphotos/compare/v0.55.2...v0.55.3)

> 19 December 2022

- Release files for 0.55.3 [`879`](https://github.com/RhetTbull/osxphotos/pull/879)
- Partial implementation for 868, candidate paths [`878`](https://github.com/RhetTbull/osxphotos/pull/878)
- Fix for 853, deleted files not in exportdb --report [`877`](https://github.com/RhetTbull/osxphotos/pull/877)
- Fix for 872, duplicate results with --exif (and --name) [`876`](https://github.com/RhetTbull/osxphotos/pull/876)
- fix: dev_requirements.txt to reduce vulnerabilities [`836`](https://github.com/RhetTbull/osxphotos/pull/836)
- Added errors to export database, --update-errors to export, 872 [`874`](https://github.com/RhetTbull/osxphotos/pull/874)
- Bug fix for missing RAW images during export [`8b9af7b`](https://github.com/RhetTbull/osxphotos/commit/8b9af7be6758292b03dc291261636f334ff407a4)
- Release files [`de584e3`](https://github.com/RhetTbull/osxphotos/commit/de584e3dec63025c583910e1fa4b247341b25379)
- Added Ventura 13.1 to support OS versions [`830da7b`](https://github.com/RhetTbull/osxphotos/commit/830da7b3b40c1908c10310c41005fd3cf318cecd)

[v0.55.2](https://github.com/RhetTbull/osxphotos/compare/v0.55.1...v0.55.2)

> 13 December 2022

- Bug edited path bad mojave 859 [`870`](https://github.com/RhetTbull/osxphotos/pull/870)
- Version bump, fix for 859, wrong edited path in Mojave [`aeb6283`](https://github.com/RhetTbull/osxphotos/commit/aeb6283b2bed243be3bb3de8863cb3e40b797140)
- Added template function example [`ee370f5`](https://github.com/RhetTbull/osxphotos/commit/ee370f5dfba78dd4f3a2835aa56e9d1bf2bc1d9a)
- Added timewarp --function example [`2afab9e`](https://github.com/RhetTbull/osxphotos/commit/2afab9e3b16642ed4486c7a2533aeb184b6ec1a1)
- Added edited live video path to inspect, 865 [`3c8d7e1`](https://github.com/RhetTbull/osxphotos/commit/3c8d7e13b92b8db4999e458aac2ce37eb706cc7b)
- Updated README for supported OS versions [`c3bd04f`](https://github.com/RhetTbull/osxphotos/commit/c3bd04f257f8fbdf93034f60342943a3ffbdeb5d)

[v0.55.1](https://github.com/RhetTbull/osxphotos/compare/v0.55.0...v0.55.1)

> 11 December 2022

- Bug edited path bad mojave 859 [`864`](https://github.com/RhetTbull/osxphotos/pull/864)
- Version bump, fix for 859, wrong edited path in Mojave [`e4faf37`](https://github.com/RhetTbull/osxphotos/commit/e4faf3779c6c56982fba909a0efda21b86890b73)
- Update tests.yml [`debc001`](https://github.com/RhetTbull/osxphotos/commit/debc001af9684d04a31836a6fa5705b706eb36f0)
- Fixed edit_resource_id for Photos 5+ [`025ee36`](https://github.com/RhetTbull/osxphotos/commit/025ee36086d1515aa16a0018aaa5ae371a8a332d)

[v0.55.0](https://github.com/RhetTbull/osxphotos/compare/v0.54.4...v0.55.0)

> 11 December 2022

- Added Ventura to list of supported OS [`863`](https://github.com/RhetTbull/osxphotos/pull/863)
- Partial fix for 859, missing path edited on Mojave [`862`](https://github.com/RhetTbull/osxphotos/pull/862)
- add drodner as a contributor for bug, and userTesting [`861`](https://github.com/RhetTbull/osxphotos/pull/861)
- Updated build for Ventura [`327f198`](https://github.com/RhetTbull/osxphotos/commit/327f19809ee0f8883977a27eb547dcc7f9e93e11)
- Added target architecture, 857 [`88e56bc`](https://github.com/RhetTbull/osxphotos/commit/88e56bc0b978d75b606a4adf36fa2d77ef16eb95)

[v0.54.4](https://github.com/RhetTbull/osxphotos/compare/v0.54.3...v0.54.4)

> 24 November 2022

- Added --post-function to import, 842 [`851`](https://github.com/RhetTbull/osxphotos/pull/851)
- Feature import parse date 847 [`850`](https://github.com/RhetTbull/osxphotos/pull/850)
- Version bump for release [`cad4e1e`](https://github.com/RhetTbull/osxphotos/commit/cad4e1eeff54a37826c0e08e2be1b3df3b392f94)
- Added test for 848 [`d6fc8fc`](https://github.com/RhetTbull/osxphotos/commit/d6fc8fc3b1d276fd6b22550e50ec1bdeeb3acf6f)

[v0.54.3](https://github.com/RhetTbull/osxphotos/compare/v0.54.2...v0.54.3)

> 16 November 2022

- add zephyr325 as a contributor for bug [`844`](https://github.com/RhetTbull/osxphotos/pull/844)
- Version bump [`9ed1b39`](https://github.com/RhetTbull/osxphotos/commit/9ed1b394a9b2df1eca04f489c083ca3a71a7809c)
- Fix for timewarp failure on Ventura, 841 [`40de05c`](https://github.com/RhetTbull/osxphotos/commit/40de05c5fdbc8efd8e4bd21eb8b2e17d49f4864e)
- Updated search_info test [`f610d3c`](https://github.com/RhetTbull/osxphotos/commit/f610d3cc65a7909cfe3bd9ad4d5209f193c88a87)

[v0.54.2](https://github.com/RhetTbull/osxphotos/compare/v0.54.1...v0.54.2)

> 14 November 2022

- Added --alt-copy method for 807 [`835`](https://github.com/RhetTbull/osxphotos/pull/835)
- Version bump [`548071e`](https://github.com/RhetTbull/osxphotos/commit/548071e8a6f626b1f22ae7c92d209dd98bf83c27)
- Fixed help text for , 828 [`ea76297`](https://github.com/RhetTbull/osxphotos/commit/ea76297800f3e72e6584618c126fe818f21bc1ae)

[v0.54.1](https://github.com/RhetTbull/osxphotos/compare/v0.54.0...v0.54.1)

> 13 November 2022

- Bug search info macos13 816 [`831`](https://github.com/RhetTbull/osxphotos/pull/831)
- add dmd as a contributor for userTesting [`829`](https://github.com/RhetTbull/osxphotos/pull/829)
- Updated docs [`155f29a`](https://github.com/RhetTbull/osxphotos/commit/155f29a3735e8c93eaa66f3d979cb1a12b7cd4f8)
- Updated build script, dev dependencies [`644582b`](https://github.com/RhetTbull/osxphotos/commit/644582b540c0b4928a2ece3eb3e56eb63af78877)
- Added tests for macOS 13 / Ventura, added test for labels on macOS 13, 816 [`831eecf`](https://github.com/RhetTbull/osxphotos/commit/831eecfdf70992a2aae8f2454a3b96a44ec85e9c)
- Version bump [`f957e43`](https://github.com/RhetTbull/osxphotos/commit/f957e43ee1242f6902b93e36150233b0cab8a42c)
- Updated dependencies for 832 [`0995076`](https://github.com/RhetTbull/osxphotos/commit/0995076fe78e11124b207e6d3796d834582d506f)

[v0.54.0](https://github.com/RhetTbull/osxphotos/compare/v0.53.0...v0.54.0)

> 12 November 2022

- Version bump [`dc1a600`](https://github.com/RhetTbull/osxphotos/commit/dc1a600493b0b3ef598b34a321b0d25b9c7424ac)
- Updated dependencies for python 3.11, 817, 825 [`ff981dd`](https://github.com/RhetTbull/osxphotos/commit/ff981ddc0ae2280636e827e421ccee74ed8ad9e9)
- Updated dependencies for python 3.11, 817, 825 [`7d72499`](https://github.com/RhetTbull/osxphotos/commit/7d72499ac2700c5b53528f817af2f79b0f242057)

[v0.53.0](https://github.com/RhetTbull/osxphotos/compare/v0.52.0...v0.53.0)

> 12 November 2022

- add dmd as a contributor for bug [`824`](https://github.com/RhetTbull/osxphotos/pull/824)
- Bug labels ventura 816 [`823`](https://github.com/RhetTbull/osxphotos/pull/823)
- Added ImportInfo __bool__, 820 [`dcc16c9`](https://github.com/RhetTbull/osxphotos/commit/dcc16c92c16e5e59f6551e6561eaf5824470f3c3)
- Added instructions for python 3.11/pipx [`2e38a56`](https://github.com/RhetTbull/osxphotos/commit/2e38a56f26b873e235db715a64149b5b7129d2d8)
- Updated example to match API [`6dbeaae`](https://github.com/RhetTbull/osxphotos/commit/6dbeaae54174bafce01897599f782d02787d6fe7)
- Update README.md [`2cd61dc`](https://github.com/RhetTbull/osxphotos/commit/2cd61dccf9d36db02c83cbd82743699b9bf8dda6)

[v0.52.0](https://github.com/RhetTbull/osxphotos/compare/v0.51.8...v0.52.0)

> 6 November 2022

- add dalisoft as a contributor for code, and test [`806`](https://github.com/RhetTbull/osxphotos/pull/806)
- fix: remove warning for macOS 11.7 [`805`](https://github.com/RhetTbull/osxphotos/pull/805)
- Refactor update osxmetadata [`804`](https://github.com/RhetTbull/osxphotos/pull/804)
- Version bump [`d91bf14`](https://github.com/RhetTbull/osxphotos/commit/d91bf14790616818dbb8b70431a4ee11601838aa)
- Updated dependencies [`61ac447`](https://github.com/RhetTbull/osxphotos/commit/61ac447e3e425b83a5eba986ed3dbe1d31c66105)
- Fixed typo in requirements.txt [`6fa07d4`](https://github.com/RhetTbull/osxphotos/commit/6fa07d48c55b615a695c309f007675d8b93ade2d)
- Bugfix for bare {filepath} template [`0ba8bc3`](https://github.com/RhetTbull/osxphotos/commit/0ba8bc3eb9caaa9fe7319fd694ef8d64263b9472)

[v0.51.8](https://github.com/RhetTbull/osxphotos/compare/v0.51.7...v0.51.8)

> 25 September 2022

- Bugfix exportdb migration 794 [`795`](https://github.com/RhetTbull/osxphotos/pull/795)

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 5.9

CVSS v3 Details

MEDIUM 5.9

Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality Impact (C): NONE
Integrity Impact (I): NONE
Availability Availability (A): HIGH