PyPI package
pipreqs
pkg:pypi/pipreqs
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-31543 | — | >= 0.3.0, < 0.4.12 | 0.4.12 | Jun 30, 2023 | A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server. |
- CVE-2023-31543Jun 30, 2023affected >= 0.3.0, < 0.4.12fixed 0.4.12
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server.