pyshop@0.5 vulnerabilities

Private Python Package Index

Direct Vulnerabilities

Known vulnerabilities in the pyshop package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Improper Input Validation

pyshop is a Private Python Package Index

Affected versions of this package are vulnerable to Improper Input Validation due to not performing integrity checks on package contents retrieved from the PyPI repository. An attacker can execute arbitrary code by intercepting the network traffic and providing a crafted response to a download operation.

How to fix Improper Input Validation?

Upgrade pyshop to version 0.7.1 or higher.

[,0.7.1)