125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4817 more potentially affected by CVE-2021-41196 via tensorflow (>=1.0.1 <=2.4.3)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =2.0.0, =1.0.0, =0.0.1, =0.0.7 and more Source cves: CVE-2021-41196 Source advisory: OSV:PYSEC-2021-389...

PYSEC-2021-356

nltk is vulnerable to Inefficient Regular Expression Complexity...

USN-5066-2 python-pysaml2 vulnerability

USN-5066-1 fixed a vulnerability in PySAML2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4761 more potentially affected by CVE-2021-37671 via tensorflow (>=1.0.1 <=2.3.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37671 Source advisory: OSV:GHSA-QR82-2C78-4M8H...

alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +54 more potentially affected by CVE-2021-37691 via tensorflow (=2.5.0)

tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.1.0.dev2, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 and more Source cves:...

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4761 more potentially affected by CVE-2021-37691 via tensorflow (>=1.0.1 <=2.3.2)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-37691 Source advisory: OSV:GHSA-27QF-JWM8-G7F3...

[SECURITY] Fedora 33 Update: python-docx-0.8.11-3.fc33

A Python library for creating and updating Microsoft Word .docx files...

[SECURITY] Fedora 34 Update: python-docx-0.8.11-3.fc34

A Python library for creating and updating Microsoft Word .docx files...

c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-37691 via tensorflow-cpu (=2.3.1)

tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-37691 Source advisory: OSV:PYSEC-2021-604...

accuinsight (>=1.0.62 <=3.0.0rc2), adapt-diagnostics (>=1.2.0 <=1.6.0) +110 more potentially affected by CVE-2021-37676 via tensorflow (>=2.3.0 <=2.3.2)

tensorflow PYPI version =2.3.0, =1.0.62, =1.2.0, =0.1.0, =0.0.1a0, =0.0.1, =1.0.0rc1, =20210206.0.0, =0.1.0.dev1, =0.2.4, =1.0.1.0, =1.0.3 - cardec-cite =1.1.0 and more Source cves: CVE-2021-37676 Source advisory: OSV:PYSEC-2021-298...

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37686 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37686 Source advisory: OSV:PYSEC-2021-308...

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37648 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37648 Source advisory: OSV:PYSEC-2021-270...

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37676 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37676 Source advisory: OSV:PYSEC-2021-298...

abmarl (>=0.1.1 <=0.1.3), agrothon (>=1.1.5 <=1.3.2) +95 more potentially affected by CVE-2021-37655 via tensorflow (>=2.4.0 <=2.4.2)

tensorflow PYPI version =2.4.0, =0.1.1, =1.1.5, =2.1.0, =0.7.0, =0.0.1, =0.0.6, =0.1.0, =1.4.0, =1.2.2, =20210221.0.0, =0.7.2, =0.7.4 and more Source cves: CVE-2021-37655 Source advisory: OSV:PYSEC-2021-277...

complaintclassify (=0.0.9) potentially affected by CVE-2021-37637 via tensorflow-cpu (=2.4.0)

tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37637 Source advisory: OSV:PYSEC-2021-550...

impacket1472

This is a Python library called Impacket, which provides a collection of classes for working with network protocols. The library is focused on providing low-level programmatic access to the packets and for some protocols e.g. SMB1-3 and MSRPC the protocol implementation itself. The library includ...

Mpmath 安全漏洞

Mpmath is a free BSD-licensed Python library for real and complex floating-point operations with arbitrary precision. A security vulnerability exists in Mpmath version 1.0.0, which stems from a Regular Expression Denial of Service ReDOS that occurs when an application examines a carefully crafted...

python: CRLF injection via HTTP request method in httplib/http.client

A flaw was found in Python. The built-in modules httplib and http.client included in Python 2 and Python 3, respectively do not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation to the request by injecting additional HTTP headers. The highest threat fr...

faradaysec (>=3.14.1 <=3.14.4), flask-authoob (>=0.0.21 <=0.0.34) +4 more potentially affected by CVE-2021-32618 via flask-security-too (>=3.2.0rc1 <=4.0.1)

flask-security-too PYPI version =3.2.0rc1, =3.14.1, =0.0.21, =0.3.1, =4.22.0, =6.0.1, =6.0.0, =6.4.0 Source cves: CVE-2021-32618 Source advisory: OSV:PYSEC-2021-123...

accuinsight (>=1.0.47 <=1.0.61), alphad3m (>=0.10.0 <=0.10.0.dev1) +88 more potentially affected by CVE-2021-29607 via tensorflow (>=2.2.0 <=2.2.2)

tensorflow PYPI version =2.2.0, =1.0.47, =0.10.0, =0.5.0, =0.2.0, =0.0.6, =1.2.0, =1.0.0, =0.0.15, =0.0.16 and more Source cves: CVE-2021-29607 Source advisory: OSV:PYSEC-2021-244...