PYSEC-2022-43162 incorrectly applied to redis-py
#207
Comments
mloshakov
changed the title
redis-pyredis-py
|
We're aware of the recent large import with false-positives. I'm sorting through them to see if we can withdraw them or update the affected version ranges based on info from other vulnerability databases. |
oliverchang
added a commit
to google/osv.dev
that referenced
this issue
Nov 22, 2024
This is to reduce the chance of introducing false positive matches. Refs: - pypa/advisory-database#207 - pypa/advisory-database#205
oliverchang
added a commit
to google/osv.dev
that referenced
this issue
Nov 22, 2024
This is to reduce the chance of introducing false positive matches. Refs: - pypa/advisory-database#207 - pypa/advisory-database#205
oliverchang
added a commit
that referenced
this issue
Nov 22, 2024
oliverchang
added a commit
that referenced
this issue
Nov 22, 2024
oliverchang
added a commit
that referenced
this issue
Nov 22, 2024
|
> pip-audit -r <(poetry export -f requirements.txt --with dev)
Warning: poetry-plugin-export will not be installed by default in a future version of Poetry.
In order to avoid a breaking change and make your automation forward-compatible, please install poetry-plugin-export explicitly. See https://python-poetry.org/docs/plugins/#using-plugins for details on how to install a plugin.
To disable this warning run 'poetry config warnings.export false'.
Found 1 known vulnerability in 1 package
Name Version ID Fix Versions
----- ------- ---------------- ------------
redis 5.2.0 PYSEC-2022-43162 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This vulnerability applies to https://github.com/redis/redis not https://github.com/redis/redis-py
Python package does not have that vulnerability
advisory-database/vulns/redis/PYSEC-2022-43162.yaml
Line 1 in c9b8e1f
Should be removed
The text was updated successfully, but these errors were encountered: