Latest data: Tue Nov 14 08:04:11 UTC 2023

Homebrew · Nov 14, 2023 · 1c8a84d · 1c8a84d
1 parent 4ddb66b
commit 1c8a84d
Show file tree

Hide file tree

Showing 10 changed files with 129 additions and 833 deletions.
diff --git a/audits/azure-cli-requirements.audit.json b/audits/azure-cli-requirements.audit.json
diff --git a/audits/buku-requirements.audit.json b/audits/buku-requirements.audit.json
@@ -791,7 +791,7 @@
     },
     "vulnerabilities": [
       {
-        "modified": "2023-11-11T05:25:00Z",
+        "modified": "2023-11-13T21:16:00Z",
         "published": "2023-10-25T14:22:59Z",
         "schema_version": "1.6.0",
         "id": "GHSA-hrfv-mqp8-q5rw",
@@ -812,14 +812,45 @@
                 "type": "ECOSYSTEM",
                 "events": [
                   {
-                    "introduced": "0"
+                    "introduced": "3.0.0"
                   },
                   {
                     "fixed": "3.0.1"
                   }
                 ]
               }
             ],
+            "versions": [
+              "3.0.0"
+            ],
+            "database_specific": {
+              "source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-hrfv-mqp8-q5rw/GHSA-hrfv-mqp8-q5rw.json"
+            },
+            "ecosystem_specific": {
+              "affected_functions": [
+                "werkzeug.sansio.multipart.MultipartDecoder._parse_data"
+              ]
+            }
+          },
+          {
+            "package": {
+              "ecosystem": "PyPI",
+              "name": "werkzeug",
+              "purl": "pkg:pypi/werkzeug"
+            },
+            "ranges": [
+              {
+                "type": "ECOSYSTEM",
+                "events": [
+                  {
+                    "introduced": "0"
+                  },
+                  {
+                    "fixed": "2.3.8"
+                  }
+                ]
+              }
+            ],
             "versions": [
               "0.1",
               "0.10",
@@ -909,12 +940,9 @@
               "2.3.4",
               "2.3.5",
               "2.3.6",
-              "2.3.7",
-              "2.3.8",
-              "3.0.0"
+              "2.3.7"
             ],
             "database_specific": {
-              "last_known_affected_version_range": "<= 3.0.0",
               "source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-hrfv-mqp8-q5rw/GHSA-hrfv-mqp8-q5rw.json"
             },
             "ecosystem_specific": {
@@ -927,7 +955,7 @@
         "severity": [
           {
             "type": "CVSS_V3",
-            "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+            "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
           }
         ],
         "references": [
@@ -943,6 +971,10 @@
             "type": "WEB",
             "url": "https://github.com/pallets/werkzeug/commit/b1916c0c083e0be1c9d887ee2f3d696922bfc5c1"
           },
+          {
+            "type": "WEB",
+            "url": "https://github.com/pallets/werkzeug/commit/f2300208d5e2a5076cbbb4c2aad71096fd040ef9"
+          },
           {
             "type": "WEB",
             "url": "https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2"
@@ -964,7 +996,7 @@
           "github_reviewed": true,
           "github_reviewed_at": "2023-10-25T14:22:59Z",
           "nvd_published_at": "2023-10-25T18:17:36Z",
-          "severity": "HIGH"
+          "severity": "MODERATE"
         }
       },
       {
@@ -993,6 +1025,9 @@
                   },
                   {
                     "fixed": "f3c803b3ade485a45f12b6d6617595350c0f03e2"
+                  },
+                  {
+                    "fixed": "f2300208d5e2a5076cbbb4c2aad71096fd040ef9"
                   }
                 ],
                 "repo": "https://github.com/pallets/werkzeug"
@@ -1003,6 +1038,12 @@
                   {
                     "introduced": "0"
                   },
+                  {
+                    "fixed": "2.3.8"
+                  },
+                  {
+                    "introduced": "3.0.0"
+                  },
                   {
                     "fixed": "3.0.1"
                   }
@@ -1099,8 +1140,7 @@
               "2.3.5",
               "2.3.6",
               "2.3.7",
-              "3.0.0",
-              "2.3.8"
+              "3.0.0"
             ],
             "database_specific": {
               "source": "https://github.com/pypa/advisory-database/blob/main/vulns/werkzeug/PYSEC-2023-221.yaml"

diff --git a/audits/recon-ng-requirements.audit.json b/audits/recon-ng-requirements.audit.json
@@ -1965,7 +1965,7 @@
     },
     "vulnerabilities": [
       {
-        "modified": "2023-11-11T05:25:00Z",
+        "modified": "2023-11-13T21:16:00Z",
         "published": "2023-10-25T14:22:59Z",
         "schema_version": "1.6.0",
         "id": "GHSA-hrfv-mqp8-q5rw",
@@ -1986,14 +1986,45 @@
                 "type": "ECOSYSTEM",
                 "events": [
                   {
-                    "introduced": "0"
+                    "introduced": "3.0.0"
                   },
                   {
                     "fixed": "3.0.1"
                   }
                 ]
               }
             ],
+            "versions": [
+              "3.0.0"
+            ],
+            "database_specific": {
+              "source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-hrfv-mqp8-q5rw/GHSA-hrfv-mqp8-q5rw.json"
+            },
+            "ecosystem_specific": {
+              "affected_functions": [
+                "werkzeug.sansio.multipart.MultipartDecoder._parse_data"
+              ]
+            }
+          },
+          {
+            "package": {
+              "ecosystem": "PyPI",
+              "name": "werkzeug",
+              "purl": "pkg:pypi/werkzeug"
+            },
+            "ranges": [
+              {
+                "type": "ECOSYSTEM",
+                "events": [
+                  {
+                    "introduced": "0"
+                  },
+                  {
+                    "fixed": "2.3.8"
+                  }
+                ]
+              }
+            ],
             "versions": [
               "0.1",
               "0.10",
@@ -2083,12 +2114,9 @@
               "2.3.4",
               "2.3.5",
               "2.3.6",
-              "2.3.7",
-              "2.3.8",
-              "3.0.0"
+              "2.3.7"
             ],
             "database_specific": {
-              "last_known_affected_version_range": "<= 3.0.0",
               "source": "https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-hrfv-mqp8-q5rw/GHSA-hrfv-mqp8-q5rw.json"
             },
             "ecosystem_specific": {
@@ -2101,7 +2129,7 @@
         "severity": [
           {
             "type": "CVSS_V3",
-            "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+            "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
           }
         ],
         "references": [
@@ -2117,6 +2145,10 @@
             "type": "WEB",
             "url": "https://github.com/pallets/werkzeug/commit/b1916c0c083e0be1c9d887ee2f3d696922bfc5c1"
           },
+          {
+            "type": "WEB",
+            "url": "https://github.com/pallets/werkzeug/commit/f2300208d5e2a5076cbbb4c2aad71096fd040ef9"
+          },
           {
             "type": "WEB",
             "url": "https://github.com/pallets/werkzeug/commit/f3c803b3ade485a45f12b6d6617595350c0f03e2"
@@ -2138,7 +2170,7 @@
           "github_reviewed": true,
           "github_reviewed_at": "2023-10-25T14:22:59Z",
           "nvd_published_at": "2023-10-25T18:17:36Z",
-          "severity": "HIGH"
+          "severity": "MODERATE"
         }
       },
       {
@@ -2504,6 +2536,9 @@
                   },
                   {
                     "fixed": "f3c803b3ade485a45f12b6d6617595350c0f03e2"
+                  },
+                  {
+                    "fixed": "f2300208d5e2a5076cbbb4c2aad71096fd040ef9"
                   }
                 ],
                 "repo": "https://github.com/pallets/werkzeug"
@@ -2514,6 +2549,12 @@
                   {
                     "introduced": "0"
                   },
+                  {
+                    "fixed": "2.3.8"
+                  },
+                  {
+                    "introduced": "3.0.0"
+                  },
                   {
                     "fixed": "3.0.1"
                   }
@@ -2610,8 +2651,7 @@
               "2.3.5",
               "2.3.6",
               "2.3.7",
-              "3.0.0",
-              "2.3.8"
+              "3.0.0"
             ],
             "database_specific": {
               "source": "https://github.com/pypa/advisory-database/blob/main/vulns/werkzeug/PYSEC-2023-221.yaml"

diff --git a/requirements/awscli-requirements.txt b/requirements/awscli-requirements.txt
@@ -1,4 +1,4 @@
-awscrt==0.19.10
+awscrt==0.19.12
 colorama==0.4.6
 cryptography==40.0.1
 distro==1.8.0
@@ -8,4 +8,4 @@ python-dateutil==2.8.2
 ruamel-yaml==0.17.21
 ruamel-yaml-clib==0.2.7
 urllib3==1.26.18
-wcwidth==0.2.9
+wcwidth==0.2.10
diff --git a/requirements/azure-cli-requirements.txt b/requirements/azure-cli-requirements.txt
@@ -2,7 +2,7 @@ Deprecated==1.2.14
 PyGithub==1.55
 PySocks==1.7.1
 adal==1.2.7
-antlr4-python3-runtime==4.9.3
+antlr4-python3-runtime==4.13.1
 applicationinsights==0.11.9
 argcomplete==3.1.1
 azure-appconfiguration==1.1.1
@@ -13,9 +13,9 @@ azure-cosmos==3.2.0
 azure-data-tables==12.4.0
 azure-datalake-store==0.0.49
 azure-graphrbac==0.60.0
-azure-keyvault-administration==4.3.0
+azure-keyvault-administration==4.4.0b2
 azure-keyvault-certificates==4.7.0
-azure-keyvault-keys==4.8.0b2
+azure-keyvault-keys==4.9.0b3
 azure-keyvault-secrets==4.7.0
 azure-loganalytics==0.1.0
 azure-mgmt-advisor==9.0.0
@@ -30,12 +30,12 @@ azure-mgmt-billing==6.0.0
 azure-mgmt-botservice==2.0.0b3
 azure-mgmt-cdn==12.0.0
 azure-mgmt-cognitiveservices==13.5.0
-azure-mgmt-compute==30.0.0
+azure-mgmt-compute==30.3.0
 azure-mgmt-containerinstance==10.1.0
 azure-mgmt-containerregistry==10.1.0
-azure-mgmt-containerservice==26.0.0
+azure-mgmt-containerservice==27.0.0
 azure-mgmt-core==1.3.2
-azure-mgmt-cosmosdb==9.2.0
+azure-mgmt-cosmosdb==9.3.0
 azure-mgmt-databoxedge==1.0.0
 azure-mgmt-datalake-nspkg==3.0.1
 azure-mgmt-datalake-store==0.5.0
@@ -48,9 +48,9 @@ azure-mgmt-extendedlocation==1.0.0b2
 azure-mgmt-hdinsight==9.0.0
 azure-mgmt-imagebuilder==1.2.0
 azure-mgmt-iotcentral==10.0.0b1
-azure-mgmt-iothub==2.3.0
+azure-mgmt-iothub==3.0.0
 azure-mgmt-iothubprovisioningservices==1.1.0
-azure-mgmt-keyvault==10.2.3
+azure-mgmt-keyvault==10.3.0
 azure-mgmt-kusto==0.3.0
 azure-mgmt-loganalytics==13.0.0b4
 azure-mgmt-managedservices==1.0.0
@@ -64,10 +64,10 @@ azure-mgmt-netapp==10.1.0
 azure-mgmt-nspkg==3.0.2
 azure-mgmt-policyinsights==1.1.0b4
 azure-mgmt-privatedns==1.0.0
-azure-mgmt-rdbms==10.2.0b10
+azure-mgmt-rdbms==10.2.0b11
 azure-mgmt-recoveryservices==2.5.0
 azure-mgmt-recoveryservicesbackup==7.0.0
-azure-mgmt-redhatopenshift==1.3.0
+azure-mgmt-redhatopenshift==1.4.0
 azure-mgmt-redis==14.1.0
 azure-mgmt-resource==23.1.0b2
 azure-mgmt-search==9.0.0
@@ -76,10 +76,10 @@ azure-mgmt-servicebus==8.2.0
 azure-mgmt-servicefabric==1.0.0
 azure-mgmt-servicefabricmanagedclusters==1.0.0
 azure-mgmt-servicelinker==1.2.0b1
-azure-mgmt-signalr==1.1.0
+azure-mgmt-signalr==2.0.0b1
 azure-mgmt-sql==4.0.0b12
 azure-mgmt-sqlvirtualmachine==1.0.0b5
-azure-mgmt-storage==21.0.0
+azure-mgmt-storage==21.1.0
 azure-mgmt-synapse==2.1.0b5
 azure-mgmt-trafficmanager==1.0.0
 azure-mgmt-web==7.0.0
@@ -94,9 +94,9 @@ bcrypt==3.2.0
 certifi==2023.7.22
 cffi==1.15.1
 chardet==3.0.4
-charset-normalizer==3.3.1
+charset-normalizer==3.3.2
 colorama==0.4.4
-cryptography==41.0.3
+cryptography==41.0.4
 distro==1.8.0
 fabric==2.4.0
 humanfriendly==10.0
@@ -133,7 +133,7 @@ six==1.16.0
 sshtunnel==0.1.5
 tabulate==0.8.9
 typing-extensions==4.8.0
-urllib3==1.26.16
+urllib3==1.26.18
 websocket-client==1.3.1
 wrapt==1.15.0
 xmltodict==0.12.0