Workflow

PyPi: Boaviztapi

CVE-2024-35195

Transitive

Safety vulnerability ID: 73400

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at May 20, 2024 Updated at Dec 11, 2024
Scan your Python projects for vulnerabilities →

Advisory

Boaviztapi bumped requests from 2.31.0 to 2.32.2 via Dependabot to address CVE-2024-35195.

Affected package

boaviztapi

Latest version: 1.3.6

An API to access Boavizta's methodologies and footprint reference data

Affected versions

Fixed versions

Vulnerability changelog

This release adds Azure instances to the API and fixes some security issues.

What's Changed

* Updated reference factors to match Green Cloud Computing study by tibosmn in https://github.com/Boavizta/boaviztapi/pull/288
* Providing data for Azure virtual machines by bpetit in https://github.com/Boavizta/boaviztapi/pull/282
* Adding test for Azure cloud instances by da-ekchajzer in https://github.com/Boavizta/boaviztapi/pull/300
* chore(ci): upgrade github actions that rely on Node 16. by demeringo in https://github.com/Boavizta/boaviztapi/pull/290
* chore(ci): Run python tests when dependencies are updated. by demeringo in https://github.com/Boavizta/boaviztapi/pull/303
* Bump es5-ext from 0.10.61 to 0.10.64 by dependabot in https://github.com/Boavizta/boaviztapi/pull/304
* Bump certifi from 2024.2.2 to 2024.7.4 by dependabot in https://github.com/Boavizta/boaviztapi/pull/310
* Bump jinja2 from 3.1.3 to 3.1.4 by dependabot in https://github.com/Boavizta/boaviztapi/pull/308
* Bump urllib3 from 2.2.1 to 2.2.2 by dependabot in https://github.com/Boavizta/boaviztapi/pull/306
* Bump idna from 3.6 to 3.7 by dependabot in https://github.com/Boavizta/boaviztapi/pull/305
* Bump zipp from 3.17.0 to 3.19.1 by dependabot in https://github.com/Boavizta/boaviztapi/pull/307
* Bump semver from 5.7.1 to 5.7.2 by dependabot in https://github.com/Boavizta/boaviztapi/pull/312
* Bump requests from 2.31.0 to 2.32.2 by dependabot in https://github.com/Boavizta/boaviztapi/pull/309
* chore(deps): update fastapi to 0.115.0 and pydantic to 2.9.2 by demeringo in https://github.com/Boavizta/boaviztapi/pull/315
* Integrate latest developments by demeringo in https://github.com/Boavizta/boaviztapi/pull/316

New Contributors

* dependabot made their first contribution in https://github.com/Boavizta/boaviztapi/pull/304

**Full Changelog**: https://github.com/Boavizta/boaviztapi/compare/v1.2.4...v1.3

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application