Source: loguru Version: 0.5.3-4 Severity: grave Tags: security upstream Justification: user security hole Forwarded: https://github.com/Delgan/loguru/issues/563 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerability was published for loguru. CVE-2022-0329[0]: | Code Injection in PyPi loguru prior to and including 0.5.3. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2022-0329 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0329 [1] https://github.com/Delgan/loguru/issues/563 [2] https://github.com/delgan/loguru/commit/4b0070a4f30cbf6d5e12e6274b242b62ea11c81b Regards, Salvatore
