[Bug][Jupyter Widget] Security vulnerabilities in Ipywidgets #2546

dazza-codes · 2024-03-26T02:47:01Z

Security vulnerabilities in python dependency:

-> Vulnerability found in ipywidgets version 7.8.1
   Vulnerability ID: 50664
   Affected spec: <8.0.0
   ADVISORY: Ipywidgets 8.0.0 sanitizes descriptions by default.https://github.com/jupyter-widgets/ipywidgets/pull/2785
   PVE-2022-50664
   For more information about this vulnerability, visit https://data.safetycli.com/v/50664/97c
   To ignore this vulnerability, use PyUp vulnerability id 50664 in safety’s ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in ipywidgets version 7.8.1
   Vulnerability ID: 50463
   Affected spec: <8.0.0rc2
   ADVISORY: Ipywidgets 8.0.0rc2 makes descriptions plaintext by default for security.https://github.com/jupyter-widgets/ipywidgets/pull/2785
   PVE-2022-50463
   For more information about this vulnerability, visit https://data.safetycli.com/v/50463/97c
   To ignore this vulnerability, use PyUp vulnerability id 50463 in safety’s ignore command-line argument or add the ignore to your safety policy file.

https://pypi.org/project/ipywidgets/#history

The text was updated successfully, but these errors were encountered:

dazza-codes added the jupyter keplergl for Jupyter label Mar 26, 2024

dazza-codes assigned heshan0131 Mar 26, 2024

dazza-codes linked a pull request Mar 26, 2024 that will close this issue

Update Ipywidgets>=8.x to fix security vulnerabilities #2545

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Bug][Jupyter Widget] Security vulnerabilities in Ipywidgets #2546

[Bug][Jupyter Widget] Security vulnerabilities in Ipywidgets #2546

dazza-codes commented Mar 26, 2024

[Bug][Jupyter Widget] Security vulnerabilities in Ipywidgets #2546

[Bug][Jupyter Widget] Security vulnerabilities in Ipywidgets #2546

Comments

dazza-codes commented Mar 26, 2024