Workflow

PyPi: Cohen3

CVE-2018-18074

Transitive

Safety vulnerability ID: 42040

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Oct 09, 2018 Updated at Mar 22, 2023
Scan your Python projects for vulnerabilities →

Advisory

Cohen3 version 0.8.3 updates its dependency "requests" to include a security fix.

Affected package

cohen3

Latest version: 0.9.3

Cohen3 - DLNA/UPnP Media Server

Affected versions

Fixed versions

Vulnerability changelog

-----------------------------------

General:
- Refactor some backends using the new module backends.models
- Introduces new module: backends.models
- Add backends status to README
- Better and cleaner documentation
- Python 3's f-Strings for backends modules
- Upgraded dependency for requests package (fix vulnerability)
- Split into several files the sphinx's documentation
- Migrate reports from coverage to codecov

Fixes:
- Fix backend IRadioStore (ShoutCast Radio)
- Fix backend TEDStore
- Fix backend LolcatsStore
- Fix backend AppleTrailersStore
- Fix the parsing of the soap messages with encoding declared

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
HIGH
Integrity Impact (I)
NONE
Availability Availability (A)
NONE

CVSS v2 Details

MEDIUM 5.0
Access Vector (AV)
NETWORK
Access Complexity (AC)
LOW
Authentication (Au)
NONE
Confidentiality Impact (C)
PARTIAL
Integrity Impact (I)
NONE
Availability Impact (A)
NONE