2 matches found
apprise-transactions (=1.0.0) potentially affected by CVE-2021-39229 via apprise (=0.8.5)
apprise PYPI version =0.8.5 is affected by a known vulnerability. The following packages have a transitive dependency on apprise and may be impacted: - apprise-transactions =1.0.0 Source cves: CVE-2021-39229 Source advisory: OSV:PYSEC-2021-327...
CVE-2021-39229
CVE-2021-39229 affects the Apprise library via the IFTTT plugin (NotifyIFTTT.py). A denial-of-service vulnerability is caused by an inefficient regular expression, with the vulnerable pattern located at lines 356–359 in the referenced file. The issue was fixed in release 0.9.5.1; if upgrading isn...