Workflow

PyPi: Sphinx-Wagtail-Theme

CVE-2020-8203

Transitive

Safety vulnerability ID: 45785

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jul 15, 2020 Updated at Nov 01, 2024
Scan your Python projects for vulnerabilities →

Advisory

Sphinx-wagtail-theme 4.3.0 updates its NPM dependency 'lodash' to v4.17.19 to include a security fix.

Affected package

sphinx-wagtail-theme

Latest version: 6.4.0

Sphinx Wagtail theme

Affected versions

Fixed versions

Vulnerability changelog

==================

* 5ac9115 v4.3.0
* d605a2c Update .compact-list, only for screens >=992px
* e886449 Bring back .compact-list, remove Figure:
* f56aeea Fix indent of nested .line-block
* 604eee1 Issue 14: Tweak $box-shadow-sm
* 7d52ca8 Enable sourceMap in Gruntfile.js
* 53012f5 Update yarn.lock - apply security updates reported by GitHub
* 0ffa575 Update flake8 exclude - don't check ``*GENERATED*`` files
* 1225ec1 Add styles .centered, .rubric - add css classes
* 14eea54 Update style p.attribution - style attribution in blockquotes
* 56bbb03 Update style .versionmodified - make 'versionadded' stick out
* 0610ae2 [FEATURE] Issue 80: Breakpoint to allow width:99999px - use total
width for screens >= 1800px

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.4

CVSS v3 Details

HIGH 7.4
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
HIGH
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
HIGH
Availability Availability (A)
HIGH

CVSS v2 Details

MEDIUM 5.8
Access Vector (AV)
NETWORK
Access Complexity (AC)
MEDIUM
Authentication (Au)
NONE
Confidentiality Impact (C)
NONE
Integrity Impact (I)
PARTIAL
Availability Impact (A)
PARTIAL