VYPR

PyPI package

dparse

pkg:pypi/dparse

Vulnerabilities (1)

  • CVE-2022-39280Oct 6, 2022
    affected < 0.5.2fixed 0.5.2

    dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been appl