VYPR

rpm package

opensuse/python-jupyterlab-templates&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/python-jupyterlab-templates&distro=openSUSE%20Tumbleweed

Vulnerabilities (4)

  • CVE-2026-34601HigApr 2, 2026
    affected < 0.5.3-1.1fixed 0.5.3-1.1

    xmldom is a pure JavaScript W3C standard-based (XML DOM Level 2 Core) `DOMParser` and `XMLSerializer` module. In xmldom versions 0.6.0 and prior and @xmldom/xmldom prior to versions 0.8.12 and 0.9.9, xmldom/xmldom allows attacker-controlled strings containing the CDATA terminator

  • CVE-2026-3449LowMar 3, 2026
    affected < 0.5.2-4.1fixed 0.5.2-4.1

    Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pending state after the signal is aborted, causing any await or .then() usage to hang

  • CVE-2025-7783CriJul 18, 2025
    affected < 0.5.2-3.1fixed 0.5.2-3.1

    Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js. This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.

  • CVE-2025-5889LowJun 9, 2025
    affected < 0.5.2-2.1fixed 0.5.2-2.1

    A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be l