Product Research Enterprise Plans Docs

PyPi: Open-Web-Calendar

CVE-2024-39689

Transitive

Safety vulnerability ID: 72249

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jul 05, 2024 Updated at Apr 02, 2025

Scan your Python projects for vulnerabilities →

Advisory

Open-web-calendar updates certifi to versions 2023.5.7 and 2023.7.22 due to CVE-2024-39689.

Affected package

open-web-calendar

Latest version: 1.49

Embed a highly customizable web calendar into your website using ICal source links

Affected versions

Fixed versions

Vulnerability changelog

- Add User-Agent header, see [Issue 225](https://github.com/niccokunzmann/open-web-calendar/issues/225).
- Close security vulnerability, [Pull Request 223](https://github.com/niccokunzmann/open-web-calendar/pull/223)
- Update German, Welsh, Croatian

Resources

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application

Severity Details

CVSS Base Score

HIGH 7.5

CVSS v3 Details

HIGH 7.5

Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality Impact (C): NONE
Integrity Impact (I): HIGH
Availability Availability (A): NONE