Workflow

PyPi: Deepdataspace

CVE-2024-26130

Transitive

Safety vulnerability ID: 67007

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Feb 21, 2024 Updated at Feb 10, 2025
Scan your Python projects for vulnerabilities →

Advisory

Deepdataspace version 0.11.0 upgrades its cryptography library from version 42.0.2 to 42.0.5 to address the security issue detailed in CVE-2024-26130.

Affected package

deepdataspace

Latest version: 0.12.2

A tool for CV dataset labeling, visualizing and analysing

Affected versions

Fixed versions

Vulnerability changelog

What's New:
- optimize: speed up dataset loading
- feature: support random visit to dataset
- bugfix: fix dataset filter update logic
- upgrade: security upgrades for Python dependencies

本次更新:
- 优化:数据集加载速度
- 功能:支持数据集随机访问
- 修复:修复数据集筛选栏的更新逻辑
- 升级:升级 Python 包的安全更新

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5
Attack Vector (AV)
NETWORK
Attack Complexity (AC)
LOW
Privileges Required (PR)
NONE
User Interaction (UI)
NONE
Scope (S)
UNCHANGED
Confidentiality Impact (C)
NONE
Integrity Impact (I)
NONE
Availability Availability (A)
HIGH