Skip to content

Commit

Permalink
CWE-362 - anyio Race Condition
Browse files Browse the repository at this point in the history 
chore:	Fixes CWE-362 - anyio Race Condition.
	Affected versions of this package are vulnerable to Race Condition in
	_eventloop.get_asynclib() that cause crashes when multiple event loops
	of the same backend are running in separate threads and simultaneously
	attempting to use AnyIO for the first time.

Signed-off-by: Spolti <[email protected]>
  • Loading branch information
@spolti
spolti committed Jun 28, 2024
1 parent 77cb50e commit c9e71a0
Show file tree
Hide file tree
Showing 16 changed files with 8,028 additions and 7,957 deletions.
943 changes: 472 additions & 471 deletions python/aiffairness/poetry.lock
View file

Large diffs are not rendered by default.

1,895 changes: 990 additions & 905 deletions python/alibiexplainer/poetry.lock
View file

Large diffs are not rendered by default.

1,075 changes: 538 additions & 537 deletions python/artexplainer/poetry.lock
View file

Large diffs are not rendered by default.

843 changes: 421 additions & 422 deletions python/custom_model/poetry.lock
View file

Large diffs are not rendered by default.

829 changes: 414 additions & 415 deletions python/custom_tokenizer/poetry.lock
View file

Large diffs are not rendered by default.

843 changes: 421 additions & 422 deletions python/custom_transformer/poetry.lock
View file

Large diffs are not rendered by default.

1,138 changes: 569 additions & 569 deletions python/huggingfaceserver/poetry.lock
View file

Large diffs are not rendered by default.

1,128 changes: 562 additions & 566 deletions python/kserve/poetry.lock
View file

Large diffs are not rendered by default.

3 changes: 3 additions & 0 deletions python/kserve/pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,6 +53,9 @@ timing-asgi = "^0.3.0"
tabulate = "^0.9.0"
pandas = ">=1.3.5"
pydantic = ">1.0,<3"
pyyaml = "^6.0.0"
# Fixes CWE-362, review overtime to make sure this librari was updated so it can be removed.
anyio = "^4.4.0"

# Storage dependencies. They can be opted into by apps.
urllib3 = { version = "^1.26.8", optional = true }
Expand Down
1,122 changes: 560 additions & 562 deletions python/lgbserver/poetry.lock
View file

Large diffs are not rendered by default.

1,142 changes: 570 additions & 572 deletions python/paddleserver/poetry.lock
View file

Large diffs are not rendered by default.

1,122 changes: 560 additions & 562 deletions python/pmmlserver/poetry.lock
View file

Large diffs are not rendered by default.

1,122 changes: 560 additions & 562 deletions python/sklearnserver/poetry.lock
View file

Large diffs are not rendered by default.

829 changes: 414 additions & 415 deletions python/test_resources/graph/error_404_isvc/poetry.lock
View file

Large diffs are not rendered by default.

829 changes: 414 additions & 415 deletions python/test_resources/graph/success_200_isvc/poetry.lock
View file

Large diffs are not rendered by default.

1,122 changes: 560 additions & 562 deletions python/xgbserver/poetry.lock
View file

Large diffs are not rendered by default.

0 comments on commit c9e71a0

Please sign in to comment.