Product Research Enterprise Plans Docs

PyPi: Nannyml

CVE-2022-40897

Transitive

Safety vulnerability ID: 53757

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Dec 23, 2022 Updated at Oct 30, 2024

Scan your Python projects for vulnerabilities →

Advisory

Nannyml 0.8.4 updates its dependency 'setuptools' to v65.5.1 to include a security fix.

Affected package

nannyml

Latest version: 0.12.1

NannyML, Your library for monitoring model performance.

Affected versions

Fixed versions

Vulnerability changelog

Changed

- Updated univariate drift methods to no longer store all reference data by default [(182)](https://github.com/NannyML/nannyml/issues/182)
- Updated univariate drift methods to deal better with missing data [(202)](https://github.com/NannyML/nannyml/issues/202)
- Updated the included example datasets
- Critical security updates for dependencies
- Updated visualization of multi-level table headers in the docs [(242)](https://github.com/NannyML/nannyml/issues/242)
- Improved typing support for Result classes using generics

Added

- Support for estimating the confusion matrix for binary classification [(191)](https://github.com/NannyML/nannyml/issues/191)
- Added `treat_as_categorical` parameter to univariate drift calculator [(239)](https://github.com/NannyML/nannyml/issues/239)
- Added comparison plots to help visualize two different metrics at once

Fixed

- Fix missing confidence boundaries in some plots [(193)](https://github.com/NannyML/nannyml/issues/193)
- Fix incorrect metric names on plot y-axes [(195)](https://github.com/NannyML/nannyml/issues/195)
- Fix broken links to external docs [(196)](https://github.com/NannyML/nannyml/issues/196)
- Fix missing display name to performance calculation and estimation charts [(200)](https://github.com/NannyML/nannyml/issues/200)
- Fix missing confidence boundaries for single metric plots [(203)](https://github.com/NannyML/nannyml/issues/203)
- Fix incorrect code in example notebook for ranking
- Fix result corruption when re-using calculators [(206)](https://github.com/NannyML/nannyml/issues/206)
- Fix unintentional period filtering [(199)](https://github.com/NannyML/nannyml/issues/199)
- Fixed some typing issues [(213)](https://github.com/NannyML/nannyml/issues/213)
- Fixed missing data requirements documentation on regression [(215)](https://github.com/NannyML/nannyml/issues/215)
- Corrections in the glossary [(214)](https://github.com/NannyML/nannyml/issues/214), thanks [sebasmos](https://github.com/sebasmos)!
- Fix missing treshold in plotting legend [(219)](https://github.com/NannyML/nannyml/issues/219)
- Fix missing annotation in single row & column charts [(221)](https://github.com/NannyML/nannyml/issues/221)
- Fix outdated performance estimation and calculation docs [(223)](https://github.com/NannyML/nannyml/issues/223)
- Fix categorical encoding of unseen values for DLE [(224)](https://github.com/NannyML/nannyml/issues/224)
- Fix incorrect legend for None timeseries [(235)](https://github.com/NannyML/nannyml/issues/235)

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 5.9

CVSS v3 Details

MEDIUM 5.9

Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality Impact (C): NONE
Integrity Impact (I): NONE
Availability Availability (A): HIGH