Product Research Enterprise Plans Docs

PyPi: Vvspy

CVE-2024-35195

Transitive

Safety vulnerability ID: 71104

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at May 20, 2024 Updated at May 09, 2025

Scan your Python projects for vulnerabilities →

Advisory

[This advisory has been limited. Please create a free account to view the full advisory.]

Affected package

vvspy

Latest version: 2.3.0

API Wrapper for VVS (Verkehrsverbund Stuttgart)

Affected versions

[This affected versions has been limited. Please create a free account to view the full affected versions.]

Fixed versions

[This fixed versions has been limited. Please create a free account to view the full fixed versions.]

Vulnerability changelog

What's Changed
* fixed typo in readme by zaanposni in https://github.com/zaanposni/vvspy/pull/74
* dropped support for python 3.6 and 3.7 to fix vulnerability CVE-2024-35195 in requests dependency

**Full Changelog**: https://github.com/zaanposni/vvspy/compare/v2.0.2...v2.1.0

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35195

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

MEDIUM 5.6

CVSS v3 Details

MEDIUM 5.6

Attack Vector (AV): LOCAL
Attack Complexity (AC): HIGH
Privileges Required (PR): HIGH
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality Impact (C): HIGH
Integrity Impact (I): HIGH
Availability Availability (A): NONE