pyupio/safety-db

Issues

• safety scan results in Unhandled exception happened: Invalid specifier: '<.0.13.4' - for package requests

  #2372 opened 3 months ago by sbxmichaelm
  2

• MLflow vulnerability is incorrectly reported as >=2.9.2 when it is really <=2.9.2

  #2371 opened 4 months ago by benglewis
  0

• False Positive for scrapy Vulnerability

  #2365 opened 6 months ago by Matthew-Grayson
  2

• Adjust vulnerable versions of Inquirer for CVE-2022-24439

  #2366 opened 6 months ago by gmetzker
  1

• dparse v0.6.1 showing as im

  #2357 opened 6 months ago by Mr-McBride
  2

• Question: why was the vulnerability on jsonpickle<=1.4.1 removed in last november?

  #2368 opened 6 months ago by Lucas-C
  1

• False positive for CVE-2023-6129

  #2370 opened 6 months ago by nils-van-zuijlen
  1

• Safety Django link in the README is broken

  #2369 opened a year ago by Anupya
  0

• Automatic release each month

  #2334 opened 4 years ago by pawamoy
  2

• 9-month-old withdrawn CVE for aiohttp added to safety-db

  #2363 opened 2 years ago by tharradine
  2

• insecure-package is no longer returned as vulnerable

  #2364 opened 2 years ago by awsbillz
  1

• safetydb website given in Readme is down 404

  #2362 opened 2 years ago by scattered-development
  1

• Unable to install with Pipenv

  #2361 opened 2 years ago by chandanch
  0

• Auto monthly pypi push

  #2348 opened 3 years ago by chriswhite199
  1

• Zulip : wrong version evaluation

  #2359 opened 2 years ago by parlamonbot
  1

• kubernetes vulnerabilities is stale - CVE-2021-29923/45114

  #2358 opened 2 years ago by gary-scio
  1

• Wrong version identifier in vulnerabilities pyup.io-34226 & pyup.io-49495

  #2356 opened 3 years ago by sephii
  1

• Missing May update?

  #2355 opened 3 years ago by connorbode
  1

• Issue with insecure django-oauth-toolkit library

  #2353 opened 3 years ago by panosangelopoulos
  10

• 47833: You report that click is vulnerable, but the authors dont know about it?

  #2354 opened 3 years ago by leberknecht
  1

• Optimade v0.16.9 listed incorrectly as unsafe

  #2350 opened 3 years ago by JPBergsma
  3

• update db more often

  #2352 opened 3 years ago by Niccolum
  1

• Numpy fails safety

  #2349 opened 3 years ago by shernshiou
  3

• Documentation: what *is* a PVE?

  #2345 opened 3 years ago by sparrowt
  1

• Kombu, sendgrid: false positives, shouldn't safety mark sources as vulnerable?

  #2347 opened 3 years ago by m-aciek
  3

• sendgrid vulnerability should have lower limit

  #2344 opened 3 years ago by m-aciek
  1

• Package `tensorflow < 2.7` incorrectly listed as vulnerable for all versions

  #2342 opened 3 years ago by bswami50
  2

• False Positive for KeplerGL

  #2340 opened 3 years ago by kopp
  1

• Package `bleach` has no versions `3.11` or `3.12`

  #2341 opened 3 years ago by LincolnPuzey
  5

• pyup.io-41994 is false positive - grpcio has no dependency on urllib3

  #2343 opened 3 years ago by pshchelo
  1

• Keyword list used to search changelogs

  #2339 opened 4 years ago by nasifimtiazohi
  0

• Package `coverage<6.0b1` incorrectly listed as vulnerable

  #2335 opened 4 years ago by whyscream
  6

• Package `dash` has no version 2.2.0

  #2336 opened 4 years ago by alexcjohnson
  2

• Getting error as FAILED. Kindly help for the solution

  #2324 opened 4 years ago by hemantloni
  2

• Database false positive: Gunicorn request smuggling vulnerability

  #2333 opened 4 years ago by CoburnJoe
  1

• Correction to pip package for pyup.io-39620 for CVE-2021-23338

  #2330 opened 4 years ago by westonsteimel
  3

• lambda-warmer-py warning references a nonexistent version

  #2331 opened 4 years ago by jeffcasavant
  1

• Lost CVE attributes for 37863 and 39602

  #2328 opened 4 years ago by damiencarol
  5

• Possible inconsistency on CVE-2020-35681 for channels

  #2329 opened 4 years ago by thiagoferreiraw
  1

• Multiple tensorflow issues for the same check

  #2326 opened 4 years ago by zionsofer
  1

• Instana vulnerable versions not valid for Python

  #2327 opened 4 years ago by iwt-kschoenrock
  1

• Invalid value for `cve` at insecure_full.json

  #2323 opened 4 years ago by sbs2001
  3

• DOC/Question: What is the relationship between safety-db and NVD (National Vulnerability Database)?

  #2322 opened 4 years ago by MartinThoma
  4

• gender-guesser marked as blocker, but not in insecure_full.json

  #2321 opened 5 years ago by 0LL13
  4

• Python dependency is compared to the wrong project

  #2318 opened 5 years ago by normoes
  3

• python-semantic-release appears to reference wrong package

  #2320 opened 5 years ago by alandtse
  1

• Should malicious libraries also be included in safety-db?

  #2319 opened 5 years ago by exhuma
  1

• python-semantic-release finding

  #2315 opened 5 years ago by wyardley
  4

• Under-described Django issue 38650

  #2317 opened 5 years ago by l0b0
  2

• Add CVE-2019-1010083 for Flask < 1.0

  #2316 opened 5 years ago by jamespic
  1