Safety vulnerability ID: 61703
The information on this page was manually curated by our Cybersecurity Intelligence Team.
Rasa 3.6.12 updates its dependency 'pillow' to include a fix for a high-risk vulnerability affecting libwebp.
Latest version: 3.6.20
Open source machine learning framework to automate text- and voice-based conversations: NLU, dialogue management, connect to Slack, Facebook, and more - Create chatbots and voice assistants
Bugfixes
- [12904](https://github.com/rasahq/rasa/issues/12904): Refresh headers used in requests (e.g. action server requests) made by `EndpointConfig` using its `headers` attribute.
- [12906](https://github.com/rasahq/rasa/issues/12906): Upgrade `pillow` to `10.0.1` to address security vulnerability CVE-2023-4863 found in `10.0.0` version.
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application