Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
💚 Ignore
numpy
security vulnerability
Fixes ``` poetry run tox -e security -- security create: /Users/TeofiloZosa/Developer/personal/pytudes/.tox/security security installdeps: safety security installed: certifi==2021.10.8,charset-normalizer==2.0.12,click==8.0.4,dparse==0.5.1,idna==3.3,packaging==21.3,pyparsing==3.0.7,PyYAML==6.0,requests==2.27.1,safety==1.10.3,toml==0.10.2,urllib3==1.26.8 security run-test-pre: PYTHONHASHSEED='2751242999' security run-test: commands[0] | safety check --full-report -r /Users/TeofiloZosa/Developer/personal/pytudes/requirements-all.txt +==============================================================================+ | | | /$$$$$$ /$$ | | /$$__ $$ | $$ | | /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ | | /$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$ | | | $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$ | | \____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$ | | /$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$ | | |_______/ \_______/|__/ \_______/ \___/ \____ $$ | | /$$ | $$ | | | $$$$$$/ | | by pyup.io \______/ | | | +==============================================================================+ | REPORT | | checked 181 packages, using free DB (updated once a month) | +============================+===========+==========================+==========+ | package | installed | affected | ID | +============================+===========+==========================+==========+ | numpy | 1.22.2 | >0 | 44715 | +==============================================================================+ | All versions of Numpy are affected by CVE-2021-41495: A null Pointer | | Dereference vulnerability exists in numpy.sort, in the PyArray_DescrNew | | function due to missing return-value validation, which allows attackers to | | conduct DoS attacks by repetitively creating sort arrays. | | numpy/numpy#19038 | +==============================================================================+ ERROR: InvocationError for command /Users/TeofiloZosa/Developer/personal/pytudes/.tox/security/bin/safety check --full-report -r requirements-all.txt (exited with code 255) (exited with code 255) _________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ summary _________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________ ERROR: security: commands failed make[1]: *** [tox-security] Error 1 make: *** [scan-dependencies] Error 2 ```