CVE-2024-45230

Advisory

Django-descope updates its dependency Django to v4.2.16 due to the CVE-2024-45230.

Affected package

Affected versions

Fixed versions

Vulnerability changelog

BREAKING CHANGE
* drop support for py3.8 by omercnet in https://github.com/descope/django-descope/pull/216

What's Changed
* fix(deps): update dependency django to v4.2.16 [security] by descope in https://github.com/descope/django-descope/pull/205
* chore(deps): update dependency black to v24.10.0 by descope in https://github.com/descope/django-descope/pull/207
* chore(deps): update dependency flake8 to v7.1.1 by descope in https://github.com/descope/django-descope/pull/208
* chore(deps): update dependency pre-commit to v4 by descope in https://github.com/descope/django-descope/pull/210
* chore(deps): update dependency tox to v4.22.0 by descope in https://github.com/descope/django-descope/pull/211
* chore(deps): update dependency django-debug-toolbar to v4.4.6 by descope in https://github.com/descope/django-descope/pull/212
* chore(deps): update dependency django-stubs to v5 by descope in https://github.com/descope/django-descope/pull/213
* chore(deps): update dependency isort to v5.13.2 by descope in https://github.com/descope/django-descope/pull/214
* Pass success_redirect as redirect-url to the descope component by dorsha in https://github.com/descope/django-descope/pull/215
* chore!: drop support for py3.8 by omercnet in https://github.com/descope/django-descope/pull/216
* fix(deps): update dependency django to v4.2.18 [security] by descope in https://github.com/descope/django-descope/pull/217
* chore(deps): lock file maintenance by descope in https://github.com/descope/django-descope/pull/192

New Contributors
* dorsha made their first contribution in https://github.com/descope/django-descope/pull/215

**Full Changelog**: https://github.com/descope/django-descope/compare/v1.4.0...v2.0.0

Resources

• https://github.com/descope/django-descope/pull/205
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45230