Data quality issue with GHSA-9wx4-h78v-vm56 #2251
Labels
data quality
Issues with data quality
Comments
|
✨ Thank you for your interest in OSV.dev's data quality! ✨ Please review our FAQ entry on how to most efficiently have this addressed. |
astellingwerf
changed the title
|
I'm all new to the OSV processes. 15 minutes after this submission, I discovered that the GHSA entry has the option to submit approval, which I did: github/advisory-database#4468. If it gets incorporated, I assume we can close this issue? |
andrewpollock
added a commit
that referenced
this issue
May 29, 2024
According to https://stackoverflow.com/questions/3790454/how-do-i-break-a-string-in-yaml-over-multiple-lines this ought to do the trick and make the output look a little nicer, based on how it's currently rendering for #2251 YAML sucks.
andrewpollock
added a commit
that referenced
this issue
May 29, 2024
According to https://stackoverflow.com/questions/3790454/how-do-i-break-a-string-in-yaml-over-multiple-lines this ought to do the trick and make the output look a little nicer, based on how it's currently rendering for #2251 YAML sucks.
|
Based on the response to your suggested fix for the source record, it sounds like it's correct, so I'm going to close this issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The CVE ID
https://osv.dev/vulnerability/GHSA-9wx4-h78v-vm56
https://osv.dev/vulnerability/CVE-2024-35195
Describe the data quality issue observed
The record states it's fixed in 2.32.0, but that version has been yanked from PyPi. Version 2.32.2 is the first (and currently only) version with a fix for this issue.
Suggested changes to record
Update the fix version to be
2.32.2instead.Additional context
https://pypi.org/project/requests/#history
renovatebot/renovate#29280
The text was updated successfully, but these errors were encountered: