Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1wNG01LTMycHItMmhxcs4AA5gm
PyPop C extensions possible vulnerability: missing arguments and redundant null pointers
Impact
Code scanning revealed possible vulnerability in C extensions for PyPop: incorrect function calls (missing arguments or wrongly typed arguments) and redundant null pointers.
Patches
The problem has been patched and fixed in the latest release of PyPop: 1.0.2. Please upgrade your PyPop installation via:
pip install -U pypop-genomics
Workarounds
No. Upgrade to the latest package: 1.0.2.
References
N/A
Permalink: https://github.com/advisories/GHSA-p4m5-32pr-2hqrJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wNG01LTMycHItMmhxcs4AA5gm
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Low
Classification: General
Published: 9 months ago
Updated: 9 months ago
Identifiers: GHSA-p4m5-32pr-2hqr
References:
- https://github.com/alexlancaster/pypop/security/advisories/GHSA-p4m5-32pr-2hqr
- https://github.com/alexlancaster/pypop/commit/2e5c495dd7684f67f6682e80e324351039a28262
- https://github.com/alexlancaster/pypop/releases/tag/v1.0.2
- https://github.com/advisories/GHSA-p4m5-32pr-2hqr
Blast Radius: 1.0
Affected Packages
pypi:pypop-genomics
Dependent packages: 0Dependent repositories: 0
Downloads: 14,891 last month
Affected Version Ranges: < 1.0.2
Fixed in: 1.0.2
All affected versions: 0.9.3, 1.0.0, 1.0.1
All unaffected versions: 1.0.2, 1.1.0, 1.1.1, 1.1.2