PyPi: Openapi-Pydantic

CVE-2024-21503

Transitive

Safety vulnerability ID: 71543

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 19, 2024 Updated at Nov 29, 2024

Advisory

Affected versions of `openapi-pydantic` are potentially vulnerable through a transitive dependency on `black` versions before 24.3.0, which are susceptible to a Regular Expression Denial of Service (ReDoS) vulnerability.

Affected package

openapi-pydantic

Latest version: 0.5.0

Pydantic OpenAPI schema implementation

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
Dependencies 📦
* chore: Update dependencies to resolve security advisories by mike-oakley in https://github.com/mike-oakley/openapi-pydantic/pull/36


**Full Changelog**: https://github.com/mike-oakley/openapi-pydantic/compare/v0.4.0...v0.4.1

Resources
