Safety vulnerability ID: 66029
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Pyspi version 0.4.1 updates its Torch dependency from version 1.10.0 to 1.13.1 to address the security vulnerability identified as CVE-2022-45907.
https://github.com/DynamicsAndNeuralSystems/pyspi/commit/3b14ea11f4c43f2775beb8c701aaf827c230401d
Latest version: 1.1.1
Library for pairwise analysis of time series data.
Introduction
PySPI v0.4.1 introduces several minor changes to the existing README, as well as migrating documentation from "readthedocs" to an all new "GitBook" page. Simple unit testing has also been incorporated for each of the SPIs using a benchmarking dataset to check for the consistency of outputs.
Highlights of this release
What's Changed
- Removal of old /docs directory
- Addition of a /tests directory for unit testing
- Updated README
- Addition of CODE_OF_CONDUCT.md and SECURITY.md
New features
- Basic unit testing incorporated into a GitHub Actions workflow.
- Updated README file with links to the new GitBooks hosted documentation to replace the old "readthedocs" documentation.
- Added a code of conduct markdown
- Added a security policy markdown
Bug Fixes
- Fixed a PyTorch security vulnerability issue with severity "critical" (pertaining to arbitrary code execution) by updating torch from version `1.10.0` to `1.13.1`.
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application