Workflow

PyPi: Fundaml

CVE-2023-24816

Transitive

Safety vulnerability ID: 59401

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 10, 2023 Updated at Aug 08, 2024
Scan your Python projects for vulnerabilities →

Advisory

Fundaml 0.1.32 updates its dependency 'ipython' to version '8.10.0' to include a fix for a Remote Code Execution vulnerability.
https://github.com/tzoght/fundaml/commit/02e60c4d8474aa673f02a65556fef2382fe4cf16

Affected package

fundaml

Latest version: 0.1.38

A foundational machine learning library designed to streamline the end-to-end process of developing and deploying machine learning models. FundAML offers a broad array of tools and utilities for data preprocessing, model training, evaluation, and deployment, making it a fundamental solution for machine learning tasks.

Affected versions

Fixed versions

Vulnerability changelog

Fix

* Docs/requirements.txt to reduce vulnerabilities ([4](https://github.com/tzoght/fundaml/issues/4)) ([`b892b16`](https://github.com/tzoght/fundaml/commit/b892b169d7156c2470d266e874e877ba41e40d5e))
* Docs/requirements.txt to reduce vulnerabilities ([3](https://github.com/tzoght/fundaml/issues/3)) ([`02e60c4`](https://github.com/tzoght/fundaml/commit/02e60c4d8474aa673f02a65556fef2382fe4cf16))
* Docs/requirements.txt to reduce vulnerabilities ([2](https://github.com/tzoght/fundaml/issues/2)) ([`95aeda8`](https://github.com/tzoght/fundaml/commit/95aeda8943821f08e322cf77b4411047afba861e))

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.0

CVSS v3 Details

HIGH 7.0
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
HIGH
Privileges Required (PR)
NONE
User Interaction (UI)
REQUIRED
Scope (S)
UNCHANGED
Confidentiality Impact (C)
HIGH
Integrity Impact (I)
HIGH
Availability Availability (A)
HIGH