PyPI: Project-Lighter

CVE-2024-22195

Transitive

Safety vulnerability ID: 71756

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jan 11, 2024. Updated at Dec 11, 2024.

Advisory

Project-lighter 0.0.2 updates its dependency 'jinja2' to v3.1.3 to include a security fix.

Affected package

project-lighter

Latest version: 0.0.2

YAML-based automated rapid prototyping framework for deep learning experiments

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* Switch to Lightning by ibro45 in https://github.com/project-lighter/lighter/pull/1
* Add issue template by surajpaib in https://github.com/project-lighter/lighter/pull/8
* Reorganize the structure by ibro45 in https://github.com/project-lighter/lighter/pull/13
* Fixes scheduler instantiation by surajpaib in https://github.com/project-lighter/lighter/pull/16
* Implement a logging callback that unifies multiple loggers by ibro45 in https://github.com/project-lighter/lighter/pull/15
* Improve forward and predict type-based calls by ibro45 in https://github.com/project-lighter/lighter/pull/14
* Improved packaging and CI pipeline for lighter by surajpaib in https://github.com/project-lighter/lighter/pull/17
* Simplify CLI by ibro45 in https://github.com/project-lighter/lighter/pull/25
* Improve style by ibro45 in https://github.com/project-lighter/lighter/pull/27
* Fix logger code issues by surajpaib in https://github.com/project-lighter/lighter/pull/41
* Add histogram to logger by surajpaib in https://github.com/project-lighter/lighter/pull/42
* LighterWriter - write/save predictions by ibro45 in https://github.com/project-lighter/lighter/pull/40
* Switch to MONAI inferers. Add LighterFreezer. Add custom collate functions. Add Logger fixes, epoch num logging, image preprocessing fix. Add loss and metric monitoring. Add seeding. Add model checkpoint load with prefix adjustment. by ibro45 in https://github.com/project-lighter/lighter/pull/43
* Create diagram.yml by surajpaib in https://github.com/project-lighter/lighter/pull/52
* Bump cryptography from 39.0.0 to 39.0.1 by dependabot in https://github.com/project-lighter/lighter/pull/53
* Bump werkzeug from 2.2.2 to 2.2.3 by dependabot in https://github.com/project-lighter/lighter/pull/54
* Bump cleo from 1.0.0a5 to 2.0.0 by dependabot in https://github.com/project-lighter/lighter/pull/55
* Upgrade PL and torch by surajpaib in https://github.com/project-lighter/lighter/pull/56
* Update diagram.yml with PAT by surajpaib in https://github.com/project-lighter/lighter/pull/58
* Fix repo-token location by surajpaib in https://github.com/project-lighter/lighter/pull/59
* Simplify config instantiation by surajpaib in https://github.com/project-lighter/lighter/pull/57
* Pass config to logger + simplify project import by surajpaib in https://github.com/project-lighter/lighter/pull/61
* Add auto publish workflow by surajpaib in https://github.com/project-lighter/lighter/pull/64
* Simplify batch splitting, add None collate support for when target is not expected by ibro45 in https://github.com/project-lighter/lighter/pull/65
* Fix auto publish bug and merge with diagram by surajpaib in https://github.com/project-lighter/lighter/pull/67
* Add logo by surajpaib in https://github.com/project-lighter/lighter/pull/45
* Fix poetry download link by surajpaib in https://github.com/project-lighter/lighter/pull/68
* Remove contrib submodule by ibro45 in https://github.com/project-lighter/lighter/pull/69
* Fixes by surajpaib in https://github.com/project-lighter/lighter/pull/70
* Fixes by surajpaib in https://github.com/project-lighter/lighter/pull/71
* Fixes for Freezer by surajpaib in https://github.com/project-lighter/lighter/pull/72
* Learning rate logging by ibro45 in https://github.com/project-lighter/lighter/pull/66
* Refactor system, freezer. Improve config structure. Add data postprocessing prior to criterion, metrics or logging. by ibro45 in https://github.com/project-lighter/lighter/pull/74
* Add "id" support. Refactor Writers. Add Writer additional format extensibility. by ibro45 in https://github.com/project-lighter/lighter/pull/78
* Bump pillow from 10.0.0 to 10.0.1 by dependabot in https://github.com/project-lighter/lighter/pull/85
* Bump aiohttp from 3.8.5 to 3.8.6 by dependabot in https://github.com/project-lighter/lighter/pull/89
* Bump gitpython from 3.1.35 to 3.1.37 by dependabot in https://github.com/project-lighter/lighter/pull/88
* Bump urllib3 from 2.0.4 to 2.0.7 by dependabot in https://github.com/project-lighter/lighter/pull/87
* Bump werkzeug from 2.3.6 to 2.3.8 by dependabot in https://github.com/project-lighter/lighter/pull/86
* Fix MONAI-ITK orientation. Improve Writer docstrings. by ibro45 in https://github.com/project-lighter/lighter/pull/81
* Security updates by dependabot in https://github.com/project-lighter/lighter/pull/96
* Refactor logging by surajpaib in https://github.com/project-lighter/lighter/pull/93
* Update dependencies by surajpaib in https://github.com/project-lighter/lighter/pull/101
* Remove timestamp dir in writers and log that checkpoint was loaded successfully by ibro45 in https://github.com/project-lighter/lighter/pull/102
* Memfix by surajpaib in https://github.com/project-lighter/lighter/pull/106
* Improve console logging and tracebacks by ibro45 in https://github.com/project-lighter/lighter/pull/105
* Standardize batch format. Introduce batch postprocessing. by ibro45 in https://github.com/project-lighter/lighter/pull/107
* Bump black from 23.12.1 to 24.3.0 by dependabot in https://github.com/project-lighter/lighter/pull/108
* Add docs with auto API reference generation when pushed to main. by ibro45 in https://github.com/project-lighter/lighter/pull/110
* Dependabot security updates by ibro45 in https://github.com/project-lighter/lighter/pull/117
* Support subloss logging through loss dicts by ibro45 in https://github.com/project-lighter/lighter/pull/111
* Update lock file by surajpaib in https://github.com/project-lighter/lighter/pull/122
* Refactor cli and runner. Implement reserved config keys. Add feature to pass args to Trainer's methods. by ibro45 in https://github.com/project-lighter/lighter/pull/124
* Make checkpoint loading more informative. Remove incorrect Metric type check. Make TableWriter expect a path instead of dir. by ibro45 in https://github.com/project-lighter/lighter/pull/126

New Contributors
* surajpaib made their first contribution in https://github.com/project-lighter/lighter/pull/8

**Full Changelog**: https://github.com/project-lighter/lighter/commits/v0.0.2

Severity Details

CVSS Base Score: MEDIUM 6.1

CVSS v3 Details

Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality Impact (C): LOW
Integrity Impact (I): LOW
Availability Impact (A): NONE