CVE-2023-36053

Advisory

Deepdataspace 0.5.0 updates its dependency 'django' to version '4.1.10' to include a fix for a ReDoS vulnerability.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

What's New
- feat: add detailed error codes and error messages on all scenarios
- feat: support for directly trying out the intelligent annotation APIs from the DDS algorithm platform
- feat: add prompt message for quick mode annotation
- optimize: download sample datasets from accelerated host
- fix: upgrade open-source components and dependencies to fix security vulnerabilities for frontend and backend
- chore: upload test report to codecov in tool-ci pipeline
- docs: refine API docs for all models definition

本次更新
- 功能：新增各场景下的错误码和错误消息提示
- 功能：支持直接体验 DDS 算法平台的智能标注
- 功能：增加快速标注提示文案
- 优化：优化快速启动时下载样例数据集的速度
- 修复：升级前后端开源组件及依赖以修复安全漏洞
- 构建：恢复上传单元测试的报告到 codecov
- 文档：优化各 Model 定义的 API 文档

Resources

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36053
• https://github.com/IDEA-Research/deepdataspace/commit/d1bedf2d3657bfd3ecf1bc42b6bcd6d94047a59d