Search for packages
| purl | pkg:pypi/dparse@0.5.2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-m1z3-fb69-afe6 | dparse is a parser for Python dependency files. dparse in versions before 0.5.2 contain a regular expression that is vulnerable to a Regular Expression Denial of Service. All the users parsing index server URLs with dparse are impacted by this vulnerability. A patch has been applied in version `0.5.2`, all the users are advised to upgrade to `0.5.2` as soon as possible. Users unable to upgrade should avoid passing index server URLs in the source file to be parsed. |
CVE-2022-39280
GHSA-8fg9-p83m-x5pq GMS-2022-4614 PYSEC-2022-301 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-12T18:34:28.804349+00:00 | GitLab Importer | Fixing | VCID-m1z3-fb69-afe6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/dparse/CVE-2022-39280.yml | 38.6.0 |
| 2026-06-12T08:14:06.569180+00:00 | GithubOSV Importer | Fixing | VCID-m1z3-fb69-afe6 | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-8fg9-p83m-x5pq/GHSA-8fg9-p83m-x5pq.json | 38.6.0 |
| 2026-06-12T04:15:31.253040+00:00 | Pypa Importer | Fixing | VCID-m1z3-fb69-afe6 | https://github.com/pypa/advisory-database/blob/main/vulns/dparse/PYSEC-2022-301.yaml | 38.6.0 |
| 2026-06-11T20:58:52.293135+00:00 | PyPI Importer | Fixing | VCID-m1z3-fb69-afe6 | https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip | 38.6.0 |
| 2026-06-11T20:32:41.186129+00:00 | GHSA Importer | Fixing | VCID-m1z3-fb69-afe6 | https://github.com/advisories/GHSA-8fg9-p83m-x5pq | 38.6.0 |