search

aaugustin / django-sesame

"Magic Links" - URLs with authentication tokens for one-click login
https://django-sesame.readthedocs.org/
BSD 3-Clause "New" or "Revised" License
974 stars 56 forks source link

minimum ua parser version #94

Closed caleb15 closed 1 year ago

caleb15 commented 1 year ago

The min version of ua-parser required by sesame currently has a security issue: https://security.snyk.io/vuln/SNYK-PYTHON-UAPARSER-1298047

To avoid the possibility of a user of django-sesame getting DOS'd I would suggest pinning the minimum version to 0.15.0

aaugustin commented 1 year ago

Thank you!

caleb15 commented 1 year ago

No, thank you! :)