mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-02-17 17:43:06 -05:00
The py dependency in requirements.txt causes a security warning on GitHub and attracts automated bug hunters (without the hunters verifying the relevancy of the finding). Avoid this. Flaws in py: CVE-2020-29651 Vulnerable versions: < 1.10.0 Patched version: 1.10.0 Description: A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. This fixes #40