Ask questionsCorrection to pip package for for CVE-2021-23338

Unsure if this is the best place to report this, but I was looking at CVE-2021-23338 and noticed from the included exploit link that it is a vulnerability for microsoft/qlib and that the corresponding pip package for that appears to be pyqlib rather than qlib


Answer questions harlekeyn

Thanks for your message, Weston.

We were unable to find a source that confirms that qlib is not vulnerable, so until then, we have marked both qlib and pyqlib as vulnerable. The latter has been assigned


Related questions

No questions were found.
Github User Rank List