Workflow

PyPi: Libtmux

CVE-2020-8927

Transitive

Safety vulnerability ID: 46485

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Sep 15, 2020 Updated at Dec 24, 2024
Scan your Python projects for vulnerabilities →

Advisory

Libtmux 0.11.0 updates its dependency 'brotly' to versions >=1.0.9 to include a security fix.

Affected package

libtmux

Latest version: 0.40.1

Typed library that provides an ORM wrapper for tmux, a terminal multiplexer.

Affected versions

Fixed versions

Vulnerability changelog

Compatibility

- Final python 3.7 and 3.8 release

Bug fixes and security updates will go to
[`v0.11.x`](https://github.com/tmux-python/libtmux/tree/v0.11.x)

- Internal: Use new separator to split `tmux(1)` formatting information ({issue}`289`,
{issue}`343`)

The separator is configurable via `LIBTMUX_TMUX_FORMAT_SEPARATOR`. If you ever
have compatiblity issues in the future let us know which default works best
across versions.

Credit: JonathanRaiman and jagguli

- Basic type annotations ({issue}`359`, {issue}`361`) via otherJL0

Development

- Code cleanup ({issue}`362`) from otherJL0
- Format with black w/ string normalization. This is a one-time diff ({issue}`354`)

Documentation

- Sidebar reorganized into sections
- Added documentation on fetching developmental releases of libtmux

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 6.5

CVSS v3 Details

MEDIUM 6.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
LOW
Availability Availability (A)
LOW

CVSS v2 Details

MEDIUM 6.4
Access Vector (AV)
NETWORK
Access Complexity (AC)
LOW
Authentication (Au)
NONE
Confidentiality Impact (C)
NONE
Integrity Impact (I)
PARTIAL
Availability Impact (A)
PARTIAL