patchwork
patchwork copied to clipboard
Published
20 hours ago •
patched-codes
patched-codes
PatchWork AutoFix
This pull request from patched fixes 3 issues.
- File changed: patchwork/app.py
Fix vulnerability by avoiding dynamic values in importlib.import_module()
Avoided dynamic values in importlib.import_module() to prevent running untrusted code by using a whitelist approach.
- File changed: patchwork/common/utils/step_typing.py
Fix vulnerability by avoiding dynamic values in importlib.import_module()
Avoided using dynamic values in importlib.import_module() by hardcoding the module name to prevent loading arbitrary code.
- File changed: patchwork/common/utils/dependency.py
Fix vulnerability by avoiding dynamic values in importlib.import_module()
Avoid using dynamic values in importlib.import_module() by ensuring that only whitelisted module names are passed to the function.
