CVE-2022-39280

CVE-2022-39280 affects the dparse parser (Python dependency files) prior to version 0.5.2. It exposes a Regular Expression Denial of Service via an exploited regex in parsing index server URLs. A patch is available in 0.5.2; upgrade is advised. If upgrading is not feasible, avoid passing index se...