Workflow

PyPi: Locopy

CVE-2024-37891

Transitive

Safety vulnerability ID: 71683

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jun 17, 2024 Updated at Dec 17, 2024
Scan your Python projects for vulnerabilities →

Advisory

Locopy 0.5.9 updates its urllib3 dependency from version 2.0.7 to 2.2.2 to address security concerns, including CVE-2024-37891.

Affected package

locopy

Latest version: 0.6.3

Loading/Unloading to Amazon Redshift using Python

Affected versions

Fixed versions

Vulnerability changelog

What's Changed
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/265
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/266
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/267
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/268
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/269
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/270
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/272
* Changes by run-edgetest action by github-actions in https://github.com/capitalone/locopy/pull/273
* add support for parsing newer pandas dtype by gladysteh99 in https://github.com/capitalone/locopy/pull/277
* urllib3 vulnerability by fdosani in https://github.com/capitalone/locopy/pull/276
* v0.5.9 by gladysteh99 in https://github.com/capitalone/locopy/pull/278

New Contributors
* gladysteh99 made their first contribution in https://github.com/capitalone/locopy/pull/277

**Full Changelog**: https://github.com/capitalone/locopy/compare/v0.5.8...v0.5.9

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application