Fix dev container #1115
Fix dev container #1115
An automation triggered a pipeline warning
Found 41 vulnerabilities. An additional 0 vulnerabilities have been marked as unaffected.
Output from Automations
4 rules were checked:
If a new dependency is added where the license risk is at least medium
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected and which has not triggered this rule for this dependency before
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If there is a dependency where the license risk is at least high
then send a pipeline warning
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected
then send a pipeline warning
Vulnerability | CVSS2 | CVSS3 | Dependency | Dependency Licenses |
---|---|---|---|---|
CVE-2020-13091 | 7.5 | 9.8 | pandas (pip) | BSD-2-Clause, BSD-3-Clause |
CVE-2019-6446 | 7.5 | 9.8 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2018-20060 | 5 | 9.8 | urllib3 (pip) | MIT |
CVE-2020-36242 | 6.4 | 9.1 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2015-5607 | 6.8 | 8.8 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2022-21699 | 4.6 | 8.8 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2023-43804 | N/A | 8.1 | urllib3 (pip) | MIT |
CVE-2016-10075 | 4.6 | 7.8 | tqdm (pip) | MIT, MPL-2.0 |
CVE-2018-10903 | 5 | 7.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2016-9243 | 5 | 7.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2021-33503 | 5 | 7.5 | urllib3 (pip) | MIT |
CVE-2020-7212 | 7.8 | 7.5 | urllib3 (pip) | MIT |
CVE-2019-11324 | 5 | 7.5 | urllib3 (pip) | MIT |
CVE-2017-12852 | 5 | 7.5 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2023-38325 | N/A | 7.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2023-0286 | N/A | 7.4 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2023-24816 | N/A | 7 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2014-3429 | 6.8 | N/A | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2015-7337 | 6.8 | N/A | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2021-28363 | 6.4 | 6.5 | urllib3 (pip) | MIT |
CVE-2023-23931 | N/A | 6.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2020-26137 | 6.4 | 6.5 | urllib3 (pip) | MIT |
CVE-2019-11236 | 4.3 | 6.1 | urllib3 (pip) | MIT |
CVE-2018-25091 | N/A | 6.1 | urllib3 (pip) | MIT |
CVE-2015-4707 | 4.3 | 6.1 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2015-4706 | 4.3 | 6.1 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2020-25659 | 4.3 | 5.9 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2021-41496 | 2.1 | 5.5 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2014-1859 | 2.1 | 5.5 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2014-1858 | 2.1 | 5.5 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2021-33430 | 3.5 | 5.3 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2021-34141 | 5 | 5.3 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2021-41495 | 3.5 | 5.3 | numpy (pip) | Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSD-3-Clause-Open-MPI, GPL-3.0-only, GPL-3.0-or-later, MIT, Zlib |
CVE-2015-6938 | 4.3 | N/A | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
CVE-2023-45803 | N/A | 4.2 | urllib3 (pip) | MIT |
CVE-2016-9015 | 2.6 | 3.7 | urllib3 (pip) | MIT |
debricked-201505 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |
debricked-219246 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |
debricked-228740 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |
debricked-224116 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |
CVE-2023-49083 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |