PyPi: Rubrix

CVE-2019-18797

Transitive

Safety vulnerability ID: 47844

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Nov 06, 2019 Updated at Mar 22, 2023
Scan your Python projects for vulnerabilities →

Advisory

Rubrix 0.13.0 replaces vulnerable 'node-sass' v3.5.5 with 'sass' package.

Affected package

rubrix

Latest version: 0.19.0

Open-source tool for exploring, labeling, and monitoring data for NLP projects.

Affected versions

Fixed versions

Vulnerability changelog

[0.13.0](https://github.com/recognai/rubrix/compare/v0.12.1...v0.13.0) (2022-03-30)


Features

* **1119:** users without personal datasets ([1282](https://github.com/recognai/rubrix/issues/1282)) ([555d41d](https://github.com/recognai/rubrix/commit/555d41d8919720398fac6a25f0a37d38a1741c34)), closes [#1119](https://github.com/recognai/rubrix/issues/1119) [#1318](https://github.com/recognai/rubrix/issues/1318) [#1317](https://github.com/recognai/rubrix/issues/1317) [#1323](https://github.com/recognai/rubrix/issues/1323) [#1324](https://github.com/recognai/rubrix/issues/1324)
* **1130:** cleanup rb namespace by refactoring client API ([1160](https://github.com/recognai/rubrix/issues/1160)) ([a0fdd8e](https://github.com/recognai/rubrix/commit/a0fdd8e4eb835d6c6b52f9c3a29d070f4ee77342)), closes [#1130](https://github.com/recognai/rubrix/issues/1130)
* **1144:** weak supervision for multilabel datasets ([1166](https://github.com/recognai/rubrix/issues/1166)) ([fd95bae](https://github.com/recognai/rubrix/commit/fd95baea6efe9fbd00d0b6cae415cd4b0002226f)), closes [#1144](https://github.com/recognai/rubrix/issues/1144) [#1190](https://github.com/recognai/rubrix/issues/1190) [#1237](https://github.com/recognai/rubrix/issues/1237) [#1233](https://github.com/recognai/rubrix/issues/1233) [#1326](https://github.com/recognai/rubrix/issues/1326)
* **datasets:** simplify load flow from hf datasets with no rb format ([1234](https://github.com/recognai/rubrix/issues/1234)) ([a6da1cd](https://github.com/recognai/rubrix/commit/a6da1cd430f4f648decedc5cad17a8fa618bcf3f)), closes [#1327](https://github.com/recognai/rubrix/issues/1327)
* **1180:** show Rubrix version in the webapp ([1243](https://github.com/recognai/rubrix/issues/1243)) ([8c71ad9](https://github.com/recognai/rubrix/commit/8c71ad91f76ccac4bde8e702ccbf2b2e475006bf)), closes [#1180](https://github.com/recognai/rubrix/issues/1180) [#1350](https://github.com/recognai/rubrix/issues/1350) [#1349](https://github.com/recognai/rubrix/issues/1349)
* **1225:** prepare tokenclass dataset for hf training ([1231](https://github.com/recognai/rubrix/issues/1231)) ([ae5e7cd](https://github.com/recognai/rubrix/commit/ae5e7cdd5e0c2eb22d568881b3df6424e3e71e48)), closes [#1225](https://github.com/recognai/rubrix/issues/1225)
* **950:** using record search_keywords for highlighting ([1235](https://github.com/recognai/rubrix/issues/1235)) ([47616bf](https://github.com/recognai/rubrix/commit/47616bfa4d2eec8b90cfb1b798270f458a5c3c0e)), closes [#950](https://github.com/recognai/rubrix/issues/950) [#1278](https://github.com/recognai/rubrix/issues/1278) [#1316](https://github.com/recognai/rubrix/issues/1316) [#1315](https://github.com/recognai/rubrix/issues/1315)
* **981:** add majority voter with multi label support ([1228](https://github.com/recognai/rubrix/issues/1228)) ([8052aa8](https://github.com/recognai/rubrix/commit/8052aa8567d2bdb6f8e52381ca4614a7e1328f1a)), closes [#981](https://github.com/recognai/rubrix/issues/981)
* Introduce a 'text' argument for the TextClassificationRecord ([1246](https://github.com/recognai/rubrix/issues/1246)) ([bb7d93e](https://github.com/recognai/rubrix/commit/bb7d93eadfa04de5e85889beacac4bca7eb77b75))


Bug Fixes
* **1347:** allow tooltip record overlapping in Token Classifier ([1352](https://github.com/recognai/rubrix/issues/1352)) ([87174d3](https://github.com/recognai/rubrix/commit/87174d34b36b48ff9cac275607430a72252fd43c)), closes [#1347](https://github.com/recognai/rubrix/issues/1347)
* **1103:** remove "Error Distribution" from metrics ([1255](https://github.com/recognai/rubrix/issues/1255)) ([b9bb5b4](https://github.com/recognai/rubrix/commit/b9bb5b4309f81dedad57e88a594c46fff2115d9b)), closes [#1103](https://github.com/recognai/rubrix/issues/1103)
* **1149:** fix vulnerable dependencies (node-sass) ([1263](https://github.com/recognai/rubrix/issues/1263)) ([7f8c1d1](https://github.com/recognai/rubrix/commit/7f8c1d18854cc19d9c1924deab22751d004cc20d)), closes [#1149](https://github.com/recognai/rubrix/issues/1149)
* **1211:** fix score scale ([1261](https://github.com/recognai/rubrix/issues/1261)) ([8a72281](https://github.com/recognai/rubrix/commit/8a722815195dd056aabf7053512042ff78a37805)), closes [#1211](https://github.com/recognai/rubrix/issues/1211)
* **1238:** show prediction labels when annotating rule ([1239](https://github.com/recognai/rubrix/issues/1239)) ([0321b88](https://github.com/recognai/rubrix/commit/0321b88b6724436a65e9c4c27871651ad1b804d0)), closes [#1238](https://github.com/recognai/rubrix/issues/1238)
* **1241, 1245:** show new line char in metrics plot & increase mentions in entity consistency ([1257](https://github.com/recognai/rubrix/issues/1257)) ([38930cb](https://github.com/recognai/rubrix/commit/38930cb99eeef0542c6b166034fd83869243e3a0)), closes [#1241](https://github.com/recognai/rubrix/issues/1241) [#1245](https://github.com/recognai/rubrix/issues/1245)
* **1311:** small defects about hover style ([1313](https://github.com/recognai/rubrix/issues/1313)) ([442703c](https://github.com/recognai/rubrix/commit/442703cbf3d708be85dffd2f0fe192d5836b8611)), closes [#1311](https://github.com/recognai/rubrix/issues/1311)
* **1320:** render car return in Token Classifier ([1328](https://github.com/recognai/rubrix/issues/1328)) ([b7f1b7b](https://github.com/recognai/rubrix/commit/b7f1b7bf1a5be2aafc6eb3f8a14e386e374a25d5)), closes [#1320](https://github.com/recognai/rubrix/issues/1320)
* **1335:** force line break in rules summary ([1336](https://github.com/recognai/rubrix/issues/1336)) ([2d77a76](https://github.com/recognai/rubrix/commit/2d77a76c9e33729eafd927dc9633c80751a1c4bc)), closes [#1335](https://github.com/recognai/rubrix/issues/1335)
* **1337:** number of records in the overall annotated coverage ([1338](https://github.com/recognai/rubrix/issues/1338)) ([d384713](https://github.com/recognai/rubrix/commit/d384713fb3f2bd0f525b079ce591f614b9e24790)), closes [#1337](https://github.com/recognai/rubrix/issues/1337)
* **1339:** metrics and status not updated when the query is refreshed ([1340](https://github.com/recognai/rubrix/issues/1340)) ([6fc0a58](https://github.com/recognai/rubrix/commit/6fc0a586497a1a8e8f167486d21b735b72b94943)), closes [#1339](https://github.com/recognai/rubrix/issues/1339)
* **984:** manage super user workspaces ([1268](https://github.com/recognai/rubrix/issues/1268)) ([9b24921](https://github.com/recognai/rubrix/commit/9b24921e094f138e488df1c07d1e6dcc06d4744a)), closes [#984](https://github.com/recognai/rubrix/issues/984) [#1288](https://github.com/recognai/rubrix/issues/1288) [#1290](https://github.com/recognai/rubrix/issues/1290)
* **datasets:** prevent error when no annotated records found in dataset ([1284](https://github.com/recognai/rubrix/issues/1284)) ([c20028f](https://github.com/recognai/rubrix/commit/c20028f746fa1f679a135744f5d5c81e60332869))
* **install:** make starlette an optional dependency ([1295](https://github.com/recognai/rubrix/issues/1295)) ([32afb3d](https://github.com/recognai/rubrix/commit/32afb3db3d5ef639d0457ea41185c7b9d432a071))
* **NER:** create record annotation from tags (also in from_datasets) ([1283](https://github.com/recognai/rubrix/issues/1283)) ([adcf1b1](https://github.com/recognai/rubrix/commit/adcf1b14306c226806187de9506a5d7cc276b072))
* **rules:** store single-label rules with a comp. format for old versions ([1334](https://github.com/recognai/rubrix/issues/1334)) ([eb310d3](https://github.com/recognai/rubrix/commit/eb310d3495a8264974d00e1ca97820cdf06ed701))

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 6.5

CVSS v3 Details

MEDIUM 6.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
REQUIRED
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Availability (A)
HIGH

CVSS v2 Details

MEDIUM 4.3
Access Vector (AV)
NETWORK
Access Complexity (AC)
MEDIUM
Authentication (Au)
NONE
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Impact (A)
PARTIAL