Returning success count from the .populate() call
#1050
An automation triggered a pipeline warning
Found 37 vulnerabilities. An additional 0 vulnerabilities have been marked as unaffected.
Output from Automations
4 rules were checked:
If a new dependency is added where the license risk is at least medium
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected and which has not triggered this rule for this dependency before
then notify all users in the group admins by email
✔️ The rule did not trigger. Manage rule
If there is a dependency where the license risk is at least high
then send a pipeline warning
✔️ The rule did not trigger. Manage rule
If a dependency contains a vulnerability which has not been marked as unaffected
then send a pipeline warning
| Vulnerability | CVSS2 | CVSS3 | Dependency | Dependency Licenses |
|---|---|---|---|---|
| CVE-2020-13091 | 7.5 | 9.8 | pandas (pip) | BSD-2-Clause, BSD-3-Clause |
| CVE-2019-6446 | 7.5 | 9.8 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2018-20060 | 5 | 9.8 | urllib3 (pip) | MIT |
| CVE-2020-36242 | 6.4 | 9.1 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2015-5607 | 6.8 | 8.8 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2022-21699 | 4.6 | 8.8 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2016-10075 | 4.6 | 7.8 | tqdm (pip) | MIT, MPL-2.0 |
| CVE-2018-10903 | 5 | 7.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2016-9243 | 5 | 7.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2021-33503 | 5 | 7.5 | urllib3 (pip) | MIT |
| CVE-2020-7212 | 7.8 | 7.5 | urllib3 (pip) | MIT |
| CVE-2019-11324 | 5 | 7.5 | urllib3 (pip) | MIT |
| CVE-2017-12852 | 5 | 7.5 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2023-38325 | N/A | 7.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2023-0286 | N/A | 7.4 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2023-24816 | N/A | 7 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2014-3429 | 6.8 | N/A | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2015-7337 | 6.8 | N/A | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2021-28363 | 6.4 | 6.5 | urllib3 (pip) | MIT |
| CVE-2020-26137 | 6.4 | 6.5 | urllib3 (pip) | MIT |
| CVE-2023-23931 | N/A | 6.5 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2015-4707 | 4.3 | 6.1 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2019-11236 | 4.3 | 6.1 | urllib3 (pip) | MIT |
| CVE-2015-4706 | 4.3 | 6.1 | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2020-25659 | 4.3 | 5.9 | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| CVE-2023-43804 | N/A | 5.9 | urllib3 (pip) | MIT |
| CVE-2014-1859 | 2.1 | 5.5 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2021-41496 | 2.1 | 5.5 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2014-1858 | 2.1 | 5.5 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2021-33430 | 3.5 | 5.3 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2021-34141 | 5 | 5.3 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2021-41495 | 3.5 | 5.3 | numpy (pip) | BSD-2-Clause, BSD-3-Clause, GPL-3.0-only, GPL-3.0-or-later |
| CVE-2015-6938 | 4.3 | N/A | ipython (pip) | BSD-2-Clause, BSD-3-Clause, Debricked Unknown License |
| CVE-2016-9015 | 2.6 | 3.7 | urllib3 (pip) | MIT |
| debricked-201505 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| debricked-219246 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |
| debricked-228740 | N/A | N/A | cryptography (pip) | Apache-2.0, BSD-3-Clause |