CVE-2022-25304

Advisory

Flowchem 1.0.0a1 updates its dependency 'asyncua' to v0.9.96 to include a security fix.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* draft: Simplify graph serialization by dcambie in https://github.com/cambiegroup/flowchem/pull/61
* [Snyk] Security upgrade pillow from 9.0.0 to 9.0.1 by snyk-bot in https://github.com/cambiegroup/flowchem/pull/62
* Adopt unsync for spinsolve by dcambie in https://github.com/cambiegroup/flowchem/pull/63
* Linting by dcambie in https://github.com/cambiegroup/flowchem/pull/64
* Bump notebook from 6.4.6 to 6.4.10 by dependabot in https://github.com/cambiegroup/flowchem/pull/65
* Bump notebook from 6.4.10 to 6.4.12 by dependabot in https://github.com/cambiegroup/flowchem/pull/67
* Bump numpy from 1.21.4 to 1.22.0 by dependabot in https://github.com/cambiegroup/flowchem/pull/69
* Bump lxml from 4.6.5 to 4.9.1 by dependabot in https://github.com/cambiegroup/flowchem/pull/72
* [Snyk] Security upgrade mistune from 2.0.1 to 2.0.3 by snyk-bot in https://github.com/cambiegroup/flowchem/pull/70
* Bump nbconvert from 6.3.0 to 6.5.1 by dependabot in https://github.com/cambiegroup/flowchem/pull/73
* [Snyk] Security upgrade asyncua from 0.9.92 to 0.9.96 by dcambie in https://github.com/cambiegroup/flowchem/pull/79
* [Snyk] Security upgrade mistune from 0.8.4 to 2.0.3 by snyk-bot in https://github.com/cambiegroup/flowchem/pull/80
* [Snyk] Fix for 2 vulnerabilities by dcambie in https://github.com/cambiegroup/flowchem/pull/78
* [Snyk] Security upgrade jupyter-core from 4.9.1 to 4.11.2 by snyk-bot in https://github.com/cambiegroup/flowchem/pull/81
* Flowchem main refactor by dcambie in https://github.com/cambiegroup/flowchem/pull/84


**Full Changelog**: https://github.com/cambiegroup/flowchem/compare/v0.0.6...v1.0.0a1

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25304