Homepage

boxlite@0.9.2

Python bindings for Boxlite runtime

  • latest version

    0.9.5

  • first published

    5 months ago

  • latest version published

    1 months ago

  • licenses detected

  • View boxlite package health on Snyk  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the boxlite package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Improper Resource Shutdown or Release

    boxlite is a Python bindings for Boxlite runtime

    Affected versions of this package are vulnerable to Improper Resource Shutdown or Release due to improper handling of process termination signals in the timeout mechanism by using the catchable SIGALRM signal instead of the uncatchable SIGKILL signal. An attacker can cause resource exhaustion and impact service availability by bypassing the intended timeout and allowing malicious code to continue running after the timeout is triggered.

    How to fix Improper Resource Shutdown or Release?

    A fix was pushed into the master branch but not yet published.

    [0,)
    Go back to all versions of this package