VYPR

PyPI package

ihatemoney

pkg:pypi/ihatemoney

Vulnerabilities (1)

  • CVE-2020-15120Jul 27, 2020
    affected < 4.1.5fixed 4.1.5

    In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this