luigi@2.3.2 vulnerabilities
Workflow mgmgt + task scheduling + dependency resolution.
latest version
3.6.0
latest non vulnerable version
first published
12 years ago
latest version published
4 months ago
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the luigi package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
luigi is a package that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, handling failures, command line integration, and much more. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the How to fix Arbitrary File Write via Archive Extraction (Zip Slip)? Upgrade | [,3.6.0) |
luigi is a package that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, handling failures, command line integration, and much more. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization in the How to fix Cross-site Scripting (XSS)? Upgrade | [,3.2.1) |
luigi is a Python package that helps you build complex pipelines of batch jobs. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) attacks while using How to fix Cross-site Scripting (XSS)? Upgrade | [,2.7.5) |