Workflow

PyPi: Robotframework-Openapi-Libcore

CVE-2023-32681

Transitive

Safety vulnerability ID: 59149

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at May 26, 2023 Updated at Feb 12, 2024
Scan your Python projects for vulnerabilities →

Advisory

Robotframework-openapi-libcore 1.9.1 updates its dependency 'requests' to v2.31.0 to include a security fix.
https://github.com/MarketSquare/robotframework-openapi-libcore/commit/dc8cb2ec97951c9e3a15a509b2a17c835114efcf

Affected package

robotframework-openapi-libcore

Latest version: 1.11.0

A Robot Framework library to facilitate library development for OpenAPI / Swagger APIs.

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* Added support for security-related `requests` parameters
* Add oas caching by robinmackaij in https://github.com/MarketSquare/robotframework-openapi-libcore/pull/12
* Support oas with readonly properties by robinmackaij in https://github.com/MarketSquare/robotframework-openapi-libcore/pull/13
* Fix invalid verify default by robinmackaij in https://github.com/MarketSquare/robotframework-openapi-libcore/pull/14
* Fix/get valid id for endpoint can be non string by robinmackaij in https://github.com/MarketSquare/robotframework-openapi-libcore/pull/17


**Full Changelog**: https://github.com/MarketSquare/robotframework-openapi-libcore/compare/v1.8.2...v1.9.1

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 6.1

CVSS v3 Details

MEDIUM 6.1
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
HIGH
Privileges Required (PR)
NONE
User Interaction (UI)
REQUIRED
Scope (S)
CHANGED
Confidentiality Impact (C)
HIGH
Integrity Impact (I)
NONE
Availability Availability (A)
NONE