VYPR

rpm package

opensuse/python-bqplot&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-bqplot&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2026-27601MedMar 3, 2026
    affected < 0.12.45-14.1fixed 0.12.45-14.1

    Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the _.flatten and _.isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service (DoS) attack by triggering a s

  • CVE-2026-25547CriFeb 4, 2026
    affected < 0.12.45-14.1fixed 0.12.45-14.1

    @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated nume

  • CVE-2025-9287Aug 20, 2025
    affected < 0.12.45-12.1fixed 0.12.45-12.1

    Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4.

  • CVE-2025-54798Aug 7, 2025
    affected < 0.12.45-13.1fixed 0.12.45-13.1

    tmp is a temporary file and directory creator for node.js. In versions 0.2.3 and below, tmp is vulnerable to an arbitrary temporary file / directory write via symbolic link dir parameter. This is fixed in version 0.2.4.

  • CVE-2025-5889LowJun 9, 2025
    affected < 0.12.45-10.1fixed 0.12.45-10.1

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l