Workflow

PyPi: Redisvl

CVE-2024-12797

Transitive

Safety vulnerability ID: 75563

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 11, 2025 Updated at Feb 21, 2025
Scan your Python projects for vulnerabilities →

Advisory

Redisvl updates cryptography from 43.0.3 to 44.0.1 due to the CVE-2024-12797.

Affected package

redisvl

Latest version: 0.4.1

Python client library and CLI for using Redis as a vector database

Affected versions

Fixed versions

Vulnerability changelog

Changes

🚀 New Features

- Add nested JSON example to docs (287)
- Expand CLI usage examples and docs (285)
- Support Redis 8 (282)
- Support for int8 and uint8 dtypes in RedisVL Vectorizers (279)
- Use ULID instead of UUID4 (277)
- Support Python 3.13 (272)

🐛 Bug Fixes

- Patch dependabot security vulnerability in extras dependency (284)

🧰 Maintenance

- Refactor async client connection-handling (280)
- Upgrade to Pydantic V2 models (281)
- Avoid looking at local variables for deprecation warnings (283)
- Deprecate global distance_threshold with semantic router (275)
- Support Python 3.13 (272)
- Only check for workerid if workerinput is present (274)
- Add nightly CI run and optional manual workflow dispatch (271)
- Modularize testing suite (278)
- Add pre-commit hook (273)
- Improve CI test runtime with pytest-xdist (270)
- Consider vectorizer the owner of dtype (267)

Contributors
We'd like to thank all the contributors who worked on this release!

abrookins, justin-cechmanek, rbs333 and tylerhutcherson

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application