keplergl/kepler.gl

[Bug][Jupyter Widget] Security vulnerabilities in Ipywidgets

dazza-codes opened this issue · 0 comments

Security vulnerabilities in python dependency:

-> Vulnerability found in ipywidgets version 7.8.1
   Vulnerability ID: 50664
   Affected spec: <8.0.0
   ADVISORY: Ipywidgets 8.0.0 sanitizes descriptions by default.https://github.com/jupyter-widgets/ipywidgets/pull/2785
   PVE-2022-50664
   For more information about this vulnerability, visit https://data.safetycli.com/v/50664/97c
   To ignore this vulnerability, use PyUp vulnerability id 50664 in safety’s ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in ipywidgets version 7.8.1
   Vulnerability ID: 50463
   Affected spec: <8.0.0rc2
   ADVISORY: Ipywidgets 8.0.0rc2 makes descriptions plaintext by default for security.https://github.com/jupyter-widgets/ipywidgets/pull/2785
   PVE-2022-50463
   For more information about this vulnerability, visit https://data.safetycli.com/v/50463/97c
   To ignore this vulnerability, use PyUp vulnerability id 50463 in safety’s ignore command-line argument or add the ignore to your safety policy file.

https://pypi.org/project/ipywidgets/#history