[GitHub] Your Dependabot alerts for the week of Jul 27 - Aug 3
Published on Aug. 22, 2023, 12:02 p.m.
Dependabot alerts on GitHub
security alert digest
napoler’s repository security updates from the week of Jul 27 - Aug 3
napoler’s personal account
napoler / Terryweb
Known security vulnerabilities detected
Dependency
grunt
Version
< 1.3.0
Upgrade to
~> 1.3.0
Defined in
package.json
Vulnerabilities
CVE-2020-7729
High severity
Review all vulnerable dependencies
napoler / napoler.github.io
Known security vulnerabilities detected
Dependency
grunt
Version
< 1.3.0
Upgrade to
~> 1.3.0
Defined in
package.json
Vulnerabilities
CVE-2020-7729
High severity
Review all vulnerable dependencies
napoler / aihelp-docker
Known security vulnerabilities detected
Dependency
nltk
Version
< 3.4.5
Upgrade to
~> 3.4.5
Defined in
requirements.txt
Vulnerabilities
CVE-2019-14751
High severity
Dependency
Flask-Caching
Version
<= 1.10.1
Defined in
requirements.txt
Vulnerabilities
Review all vulnerable dependencies
napoler / ubuntu-python-docker
Known security vulnerabilities detected
Dependency
nltk
Version
< 3.4.5
Upgrade to
~> 3.4.5
Defined in
requirements.txt
Vulnerabilities
CVE-2019-14751
High severity
Dependency
Flask-Caching
Version
<= 1.10.1
Defined in
requirements.txt
Vulnerabilities
Review all vulnerable dependencies
napoler / bert-cn
Known security vulnerabilities detected
Dependency
xterm
Version
< 3.8.1
Upgrade to
~> 3.8.1
Defined in
package.json
Vulnerabilities
CVE-2019-0542
Low severity
Dependency
werkzeug
Version
< 0.15.3
Upgrade to
~> 0.15.3
Defined in
requirements.txt
Vulnerabilities
CVE-2019-14806
High severity
Dependency
pillow
Version
< 6.2.0
Upgrade to
~> 6.2.0
Defined in
requirements.txt
Suggested update
#3
Vulnerabilities
CVE-2019-16865
Low severity
GHSA-jgpv-4h4c-xhw3
Moderate severity
Dependency
handlebars
Version
< 4.3.0
Upgrade to
~> 4.3.0
Defined in
package.json
Suggested update
#4
Vulnerabilities
CVE-2019-19919
Critical severity
CVE-2021-23369
Critical severity
GHSA-q2c6-c6pm-g3gh
High severity
GHSA-g9r4-xpmj-mj65
High severity
GHSA-2cf5-4w76-r9qv
High severity
View 1 more
Dependency
Pillow
Version
< 6.2.2
Upgrade to
~> 6.2.2
Defined in
requirements.txt
Vulnerabilities
CVE-2021-25288
Critical severity
CVE-2021-25287
Critical severity
CVE-2020-35653
High severity
CVE-2020-35655
High severity
CVE-2020-35654
High severity
View 17 more
Dependency
marked
Version
= 0.4.0
< 0.7.0
Upgrade to
~> 0.7.0
Defined in
package.json
Suggested update
#5
Vulnerabilities
GHSA-ch52-vgq2-943f
Low severity
Dependency
ansi_up
Version
< 5.0.0
Upgrade to
~> 5.0.0
Defined in
package.json
Vulnerabilities
CVE-2021-3377
Moderate severity
Dependency
jinja2
Version
< 2.11.3
Upgrade to
~> 2.11.3
Defined in
requirements.txt
Suggested update
#8
Vulnerabilities
CVE-2020-28493
Moderate severity
Dependency
sanitize-html
Version
< 2.3.2
Upgrade to
~> 2.3.2
Defined in
package.json
Vulnerabilities
CVE-2021-26540
Moderate severity
CVE-2021-26539
Moderate severity
Dependency
url-parse
Version
< 1.5.0
Upgrade to
~> 1.5.0
Defined in
package.json
Vulnerabilities
CVE-2021-27515
High severity
Dependency
codemirror
Version
< 5.58.2
Upgrade to
~> 5.58.2
Defined in
package.json
Vulnerabilities
CVE-2020-7760
Moderate severity
Dependency
urllib3
Version
< 1.26.5
Upgrade to
~> 1.26.5
Defined in
requirements.txt
Suggested update
#9
Vulnerabilities
CVE-2021-33503
High severity
CVE-2020-26137
Moderate severity
Review all vulnerable dependencies
napoler / Terry-toolkit
Known security vulnerabilities detected
Dependency
tensorflow
Version
< 1.15
Upgrade to
~> 1.15
Defined in
requirements.txt
Vulnerabilities
CVE-2020-15202
Critical severity
CVE-2020-15206
Critical severity
CVE-2020-15205
Critical severity
CVE-2020-5215
High severity
CVE-2020-15203
High severity
View 18 more
Dependency
bleach
Version
< 3.1.1
Upgrade to
~> 3.1.1
Defined in
requirements.txt
Vulnerabilities
CVE-2020-6802
Moderate severity
CVE-2020-6802
Moderate severity
CVE-2020-6816
Moderate severity
CVE-2020-6816
Moderate severity
CVE-2020-6817
Moderate severity
View 3 more
Dependency
psutil
Version
<= 5.6.5
Upgrade to
~> 5.6.6
Defined in
requirements.txt
Suggested update
#5
Vulnerabilities
CVE-2019-18874
Moderate severity
Dependency
notebook
Version
<= 6.1.4
Upgrade to
~> 6.1.5
Defined in
requirements.txt
Vulnerabilities
CVE-2020-26215
Moderate severity
CVE-2020-26215
Moderate severity
Dependency
lxml
Version
< 4.6.2
Upgrade to
~> 4.6.2
Defined in
requirements.txt
Vulnerabilities
CVE-2020-27783
Moderate severity
CVE-2020-27783
Moderate severity
CVE-2021-28957
Moderate severity
CVE-2021-28957
Moderate severity
Dependency
jinja2
Version
< 2.11.3
Upgrade to
~> 2.11.3
Defined in
requirements.txt
Vulnerabilities
CVE-2020-28493
Moderate severity
CVE-2020-28493
Moderate severity
Dependency
Pygments
Version
= 1.1
< 2.7.4
Upgrade to
~> 2.7.4
Defined in
requirements.txt
Vulnerabilities
CVE-2021-20270
High severity
CVE-2021-20270
High severity
CVE-2021-27291
Moderate severity
CVE-2021-27291
Moderate severity
Dependency
urllib3
Version
= 1.25.2
<= 1.25.7
Upgrade to
~> 1.25.8
Defined in
requirements.txt
Vulnerabilities
CVE-2020-7212
High severity
CVE-2020-7212
High severity
CVE-2021-33503
High severity
CVE-2021-33503
High severity
CVE-2020-26137
Moderate severity
View 1 more
Review all vulnerable dependencies
napoler / terry_search_web
Known security vulnerabilities detected
Dependency
lxml
Version
< 4.6.2
Upgrade to
~> 4.6.2
Defined in
requirements.txt
Suggested update
#1
Vulnerabilities
CVE-2020-27783
Moderate severity
CVE-2021-28957
Moderate severity
Dependency
urllib3
Version
< 1.26.5
Upgrade to
~> 1.26.5
Defined in
requirements.txt
Suggested update
#3
Vulnerabilities
CVE-2021-33503
High severity
CVE-2020-26137
Moderate severity
Review all vulnerable dependencies
napoler / ai_writer
Known security vulnerabilities detected
Dependency
activesupport
Version
< 4.1.11
Upgrade to
~> 4.1.11
Defined in
Gemfile.lock
Vulnerabilities
CVE-2015-3227
Moderate severity
Dependency
sprockets
Version
< 2.12.5
Upgrade to
~> 2.12.5
Defined in
Gemfile.lock
Vulnerabilities
CVE-2018-3760
High severity
Dependency
ffi
Version
< 1.9.24
Upgrade to
~> 1.9.24
Defined in
Gemfile.lock
Vulnerabilities
CVE-2018-1000201
Moderate severity
Dependency
rack
Version
< 1.6.11
Upgrade to
~> 1.6.11
Defined in
Gemfile.lock
Vulnerabilities
CVE-2020-8184
High severity
CVE-2019-16782
Low severity
CVE-2018-16471
Moderate severity
Dependency
jquery
Version
< 3.0.0
Upgrade to
~> 3.0.0
Defined in
package.json
Vulnerabilities
CVE-2015-9251
High severity
CVE-2016-10707
Moderate severity
CVE-2019-11358
Moderate severity
CVE-2020-11022
Moderate severity
CVE-2020-11023
Moderate severity
Dependency
nltk
Version
< 3.4.5
Upgrade to
~> 3.4.5
Defined in
requirements.txt
Vulnerabilities
CVE-2019-14751
High severity
Dependency
haml
Version
< 5.0.0
Upgrade to
~> 5.0.0
Defined in
Gemfile.lock
Suggested update
#1
Vulnerabilities
CVE-2017-1002201
Moderate severity
Dependency
bleach
Version
< 3.1.1
Upgrade to
~> 3.1.1
Defined in
requirements.txt
Suggested update
#3
Vulnerabilities
CVE-2020-6802
Moderate severity
CVE-2020-6816
Moderate severity
CVE-2020-6817
Moderate severity
CVE-2021-23980
Moderate severity
Dependency
psutil
Version
<= 5.6.5
Upgrade to
~> 5.6.6
Defined in
requirements.txt
Suggested update
#4
Vulnerabilities
CVE-2019-18874
Moderate severity
Dependency
json
Version
< 2.3.0
Upgrade to
~> 2.3.0
Defined in
Gemfile.lock
Suggested update
#7
Vulnerabilities
CVE-2020-10663
Moderate severity
Dependency
kramdown
Version
< 2.3.0
Upgrade to
~> 2.3.0
Defined in
Gemfile.lock
Vulnerabilities
CVE-2020-14001
Critical severity
Dependency
notebook
Version
<= 6.1.4
Upgrade to
~> 6.1.5
Defined in
requirements.txt
Suggested update
#8
Vulnerabilities
CVE-2020-26215
Moderate severity
Dependency
lxml
Version
< 4.6.2
Upgrade to
~> 4.6.2
Defined in
requirements.txt
Suggested update
#9
Vulnerabilities
CVE-2020-27783
Moderate severity
CVE-2021-28957
Moderate severity
Dependency
jinja2
Version
< 2.11.3
Upgrade to
~> 2.11.3
Defined in
requirements.txt
Suggested update
#11
Vulnerabilities
CVE-2020-28493
Moderate severity
Dependency
Pygments
Version
= 1.1
< 2.7.4
Upgrade to
~> 2.7.4
Defined in
requirements.txt
Suggested update
#12
Vulnerabilities
CVE-2021-20270
High severity
CVE-2021-27291
Moderate severity
Dependency
urllib3
Version
< 1.26.5
Upgrade to
~> 1.26.5
Defined in
requirements.txt
Suggested update
#14
Vulnerabilities
CVE-2021-33503
High severity
CVE-2020-26137
Moderate severity
Review all vulnerable dependencies
napoler / AutoBUlidVocabulary
Known security vulnerabilities detected
Dependency
urllib3
Version
= 1.25.2
<= 1.25.7
Upgrade to
~> 1.25.8
Defined in
requirements.txt
Suggested update
#1
Vulnerabilities
CVE-2020-7212
High severity
CVE-2021-33503
High severity
CVE-2020-26137
Moderate severity
Review all vulnerable dependencies
t-web organization
t-web / ToPower
Known security vulnerabilities detected
Dependency
symfony/http-foundation
Version
= 3.0.0
< 3.4.26
Upgrade to
~> 3.4.26
Defined in
composer.lock
Vulnerabilities
CVE-2019-10913
Critical severity
CVE-2019-18888
High severity
Dependency
illuminate/database
Version
< 6.20.12
Upgrade to
~> 6.20.12
Defined in
composer.lock
Vulnerabilities
CVE-2021-21263
High severity
GHSA-x7p5-p2c9-phvg
High severity
GHSA-4mg9-vhxq-vm7j
High severity
Dependency
rmccue/requests
Version
= 1.6.0
< 1.8.0
Upgrade to
~> 1.8.0
Defined in
composer.lock
Vulnerabilities
CVE-2021-29476
Critical severity
Review all vulnerable dependencies
Always verify the validity and compatibility of suggestions with your codebase.