Homepage

sopel-modules.weather@1.2.1 vulnerabilities

A working re-implementation of the weather module for Sopel

  • latest version

    1.6.1

  • latest non vulnerable version

    1.6.1

  • first published

    6 years ago

  • latest version published

    1 years ago

  • licenses detected

  • View sopel-modules.weather package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the sopel-modules.weather package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Information Exposure

    sopel-modules.weather is an A working re-implementation of the weather module for Sopel

    Affected versions of this package are vulnerable to Information Exposure. If a user is actively black-holing the location or weather APIs, or those APIs become otherwise unavailable, it is possible for the API keys to get leaked to the active IRC channel.

    How to fix Information Exposure?

    Upgrade sopel-modules.weather to version 1.2.4 or higher.

    [,1.2.4)
    Go back to all versions of this package