Commit
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
aiohttp==3.9.0 | ||
aiohttp==3.9.4 | ||
Check failure, Code scanning / Trivy: `python-multipart` is a streaming multipart parser for Python. When us ... (High)
Package: fastapi
Installed Version: 0.100.0; Vulnerability: CVE-2024-24762; Severity: HIGH; Fixed Version: 0.109.1; Link: CVE-2024-24762
Check warning, Code scanning / Trivy: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() (Medium)
Package: idna
Installed Version: 3.4; Vulnerability: CVE-2024-3651; Severity: MEDIUM; Fixed Version: 3.7; Link: CVE-2024-3651
Check warning, Code scanning / Trivy: langchain vulnerable to path traversal (Medium)
Package: langchain
Installed Version: 0.0.329; Vulnerability: CVE-2024-3571; Severity: MEDIUM; Fixed Version: 0.0.353; Link: CVE-2024-3571
Check notice, Code scanning / Trivy: langchain Server-Side Request Forgery vulnerability (Low)
Package: langchain
Installed Version: 0.0.329; Vulnerability: CVE-2024-0243; Severity: LOW; Fixed Version: 0.1.0; Link: CVE-2024-0243
Check notice, Code scanning / Trivy: LangChain directory traversal vulnerability (Low)
Package: langchain
Installed Version: 0.0.329; Vulnerability: CVE-2024-28088; Severity: LOW; Fixed Version: 0.0.339; Link: CVE-2024-28088
Check failure, Code scanning / Trivy: llama-index vulnerable to arbitrary code execution (Critical)
Package: llama-index
Installed Version: 0.7.4; Vulnerability: CVE-2023-39662; Severity: CRITICAL; Fixed Version: 0.9.14; Link: CVE-2023-39662
Check warning, Code scanning / Trivy: python-pydantic: regular expression denial of service via crafted email string (Medium)
Package: pydantic
Installed Version: 1.10.11; Vulnerability: CVE-2024-3772; Severity: MEDIUM; Fixed Version: 2.4.0, 1.10.13; Link: CVE-2024-3772
Check failure, Code scanning / Trivy: `python-multipart` is a streaming multipart parser for Python. When us ... (High)
Package: starlette
Installed Version: 0.27.0; Vulnerability: CVE-2024-24762; Severity: HIGH; Fixed Version: 0.36.2; Link: CVE-2024-24762
Check notice, Code scanning / Trivy: python-tqdm: non-boolean CLI arguments may lead to local code execution (Low)
Package: tqdm
Installed Version: 4.65.0; Vulnerability: CVE-2024-34062; Severity: LOW; Fixed Version: 4.66.3; Link: CVE-2024-34062
Check failure, Code scanning / Trivy: RunGptLLM class in LlamaIndex has a command injection (High)
Package: llama-index
Installed Version: 0.7.4; Vulnerability: CVE-2024-4181; Severity: HIGH; Fixed Version: 0.10.13; Link: CVE-2024-4181
Check warning, Code scanning / Trivy: requests: subsequent requests to the same host ignore cert verification (Medium)
Package: requests
Installed Version: 2.31.0; Vulnerability: CVE-2024-35195; Severity: MEDIUM; Fixed Version: 2.32.0; Link: CVE-2024-35195 |
||
aiosignal==1.3.1 | ||
anyio==3.7.1 | ||
async-timeout==4.0.2 | ||
|
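Review bot: the only line this hunk changes is the aiohttp pin (3.9.0 to 3.9.4), while the Trivy annotations attached to that same line report findings in other packages that stay at their flagged versions. The most severe are llama-index 0.7.4 (CVE-2023-39662, critical, fixed in 0.9.14, and CVE-2024-4181, high, fixed in 0.10.13, so 0.10.13 is the version that clears both) and CVE-2024-24762 (high) reported for fastapi 0.100.0 and starlette 0.27.0, fixed in 0.109.1 and 0.36.2 respectively. Suggest either raising those pins in this change, starting with the critical and high items, or noting in the commit why they are deferred. fastapi constrains the starlette version it accepts, so those two pins should be moved together, and the llama-index jump spans several minor releases, so it deserves a test run rather than a blind bump. The medium and low findings (idna, langchain, pydantic, requests, tqdm) can follow in a separate change using the fixed versions listed in the annotations.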