dagster-dbt (>=0.20.5 <=0.21.6), dbt-dremio (=1.7.0) +9 more potentially affected by CVE-2024-40637 via dbt-core (>=1.7.0 <=1.7.13)

dbt-core PYPI version =1.7.0, =0.20.5, =1.7.0, =0.0.2, =1.7.0, =0.0.4, =0.203.0.dev5, =0.0.1rc8, =0.4.2, =0.8.0 Source cves: CVE-2024-40637 Source advisory: SNYK:PYTHON-DBTCORE-7430282...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty, python-javaproperties, python-jsondiff, python-knack, python-marshmallow, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile, python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel, python-strictyaml, python-sure, python-vcrpy, python-xmltodict (SUSE-SU-2024:1639-2)

"The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1639-2 advisory. This update for python-argcomplete, python-Fabric, python-PyGithub,...

3d-rcnet (>=0.2.2 <=0.2.3), aa-prepflow (>=0.1.0 <=0.1.1) +682 more potentially affected by CVE-2024-39236 via gradio (>=6.0.0 <=6.14.0)

gradio PYPI version =6.0.0, =0.2.2, =0.1.0, =0.0.3, =0.1.5, =0.1.0, =0.1.0, =0.1.0, =3.3.0, =0.1.4, =0.1.3, =0.1.0, =0.0.1, =0.0.5 and more Source cves: CVE-2024-39236 Source advisory: OSV:PYSEC-2024-274...

Malicious code in pythn (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 18aa9075a46b75fee6201936b78d0c748d02750b892815a4d2fa7530a12a2ae2 --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: funcaptcha-ru Reasons based on the campaign: - infostealer...

Malicious code in pyhton (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f653c901336089ae7849afebe48ba4f93bc53a4ed9d5b3a63e5d49119fa45df7 --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: funcaptcha-ru Reasons based on the campaign: - infostealer...

aaa-ml-datasets-course (=1.0.0), addownloader (>=0.2.3 <=0.2.12) +679 more potentially affected by CVE-2024-39705 via nltk (>=2.0.4 <=3.8.1)

nltk PYPI version =2.0.4, =0.2.3, =0.2.0, =0.0.1, =0.1.0, =0.0.9, =0.17.0, =0.0.1rc1, =0.1.0, =6.1.0, =6.1.4 and more Source cves: CVE-2024-39705 Source advisory: OSV:GHSA-CGVX-9447-VCCH...

aaa-ml-datasets-course (=1.0.0), addownloader (>=0.2.3 <=0.2.12) +679 more potentially affected by CVE-2024-39705 via nltk (>=2.0.4 <=3.8.1)

nltk PYPI version =2.0.4, =0.2.3, =0.2.0, =0.0.1, =0.1.0, =0.0.9, =0.17.0, =0.0.1rc1, =0.1.0, =6.1.0, =6.1.4 and more Source cves: CVE-2024-39705 Source advisory: OSV:PYSEC-2024-167...

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5826 via vanna (>=0.0.30 <=0.0.36)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5826 Source advisory: OSV:GHSA-RRQQ-FV6M-692M...

adaptive-kmpc-py (>=0.1.0 <=0.1.1), aestetik (=0.1.0) +100 more potentially affected by CVE-2024-5980 via lightning (>=1.8.6 <=2.3.2)

lightning PYPI version =1.8.6, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =0.8.3b20230916, =0.8.3b20230916, =0.8.3b20230916, =0.1.1, =0.0.1, =0.1.0, =0.5.0a1, =0.5.3 and more Source cves: CVE-2024-5980 Source advisory: OSV:GHSA-MR7H-W2QC-FFC2...

autohooks-plugin-pdoc (>=0.1.1 <=0.1.2), bond-order-processing (=1.0.3) +20 more potentially affected by CVE-2024-38526 via pdoc (>=0.3.2 <=14.5.0)

pdoc PYPI version =0.3.2, =0.1.1, =1.0.0, =0.9.3, =0.0.7, =2.5.7, =0.1.1, =0.4.5, =0.2.0, =0.3.0, =0.1.0, =0.1.1 and more Source cves: CVE-2024-38526 Source advisory: OSV:GHSA-5VGJ-GGM4-FG62...

fabricauthenticator (>=0.0.2.5 <=1.3.4rc0), jupyterhub-ltiauthenticator (=1.3.0) +11 more potentially affected by CVE-2024-37300 via oauthenticator (>=0.13.0 <=16.2.1)

oauthenticator PYPI version =0.13.0, =0.0.2.5, =0.11.0, =0.9.1, =3.0.0, =1.0.2, =0.1.0, =1.1.9, =0.5.0, =0.30.1, =0.2.25, =0.0.2, =0.4.2 Source cves: CVE-2024-37300 Source advisory: OSV:GHSA-GPRJ-3P75-F996...

aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +131 more potentially affected by CVE-2024-37568 via authlib (>=0.10.0 <=1.3.0)

authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0, =0.0.1, =0.1.0, =1.0.3, =2.0.0, =0.0.59, =0.5.0, =1.6.1, =4.2.0.43, =0.1.0, =0.3.0 and more Source cves: CVE-2024-37568 Source advisory: OSV:PYSEC-2024-52...

acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +173 more potentially affected by CVE-2024-5187 +1 more via onnx (>=0.2.0 <=1.16.1)

onnx PYPI version =0.2.0, =0.1.0, =0.0.0, =0.0.157, =1.3.0, =0.3.1, =1.3.0, =0.0.9, =0.2.19, =0.0.1, =0.1.0, =0.1.4 - autodistill-yolonas =0.1.1 and more Source cves: CVE-2024-5187, CVE-2025-51480 Source advisory: OSV:GHSA-6RQ9-53C3-F7VJ...

3deecelltracker (>=0.5.0a0 <=1.0.0), a2g (=2020.0.1) +3973 more potentially affected by CVE-2024-5206 via scikit-learn (>=0.15.2 <=1.4.2)

scikit-learn PYPI version =0.15.2, =0.5.0a0, =0.1.0, =0.1.0, =0.9.2, =0.3.2, =0.9.0.dev1, =1.0.0, =2.0.0, =25.9.23, =26.5.4.post2 - ablation =0.1.0 and more Source cves: CVE-2024-5206 Source advisory: OSV:PYSEC-2024-110...

adaptive-kmpc-py (>=0.1.0 <=0.1.1), aestetik (=0.1.0) +100 more potentially affected by CVE-2024-5452 via lightning (>=1.8.6 <=2.3.2)

lightning PYPI version =1.8.6, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =0.8.3b20230916, =0.8.3b20230916, =0.8.3b20230916, =0.1.1, =0.0.1, =0.1.0, =0.5.0a1, =0.5.3 and more Source cves: CVE-2024-5452 Source advisory: OSV:GHSA-CGWC-QVRX-RF7F...

python39:3.9 and python39-devel:3.9 security update

modwsgi numpy python39 3.9.19-1 - Update to 3.9.19 - Security fixes for CVE-2023-6597 and CVE-2024-0450 - Fix tests for XMLPullParser with Expat with fixed CVE Resolves: RHEL-33676, RHEL-33688 python3x-pip python3x-setuptools python3x-six python-cffi python-chardet python-cryptography python-idna...

[SECURITY] Fedora 40 Update: maturin-1.5.1-2.fc40

Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages...

0lever-utils (>=0.0.2 <=0.0.7), 128autograder (>=5.0.1 <=6.0.0rc3) +10487 more potentially affected by CVE-2024-35195 via requests (>=0.13.7 <=2.31.0)

requests PYPI version =0.13.7, =0.0.2, =5.0.1, =0.0.1a0, =0.1.1001, =0.1.0, =0.0.2, =0.0.5, =0.1.0, =0.1.0, =0.1.8 and more Source cves: CVE-2024-35195 Source advisory: OSV:GHSA-9WX4-H78V-VM56...

azure-smtp-relay (>=1.0.0 <=1.0.7), mailrise (>=1.3.0 <=1.4.0) +4 more potentially affected by CVE-2024-34083 via aiosmtpd (>=1.2.0 <=1.4.5)

aiosmtpd PYPI version =1.2.0, =1.0.0, =1.3.0, =0.0.1, =0.2.5, =0.3.3 - yades-smtp =0.1.0 Source cves: CVE-2024-34083 Source advisory: OSV:GHSA-WGJV-9J3Q-JHG8...

article-extract (>=0.1.2 <=0.1.3), bookscrape (>=0.0.1.dev1 <=0.0.2b7) +25 more potentially affected by CVE-2024-1968 via scrapy (>=1.3.3 <=1.8.4)

scrapy PYPI version =1.3.3, =0.1.2, =0.0.1.dev1, =1.2.1.20160901, =0.0.5, =0.0.20, =0.9.3, =0.0.1, =1.0.0, =1.0.0, =1.7.2, =1.1.0, =0.1.0, =0.2.3, =0.0.1, =0.1.1, =0.1.4 and more Source cves: CVE-2024-1968 Source advisory: OSV:PYSEC-2024-258...