There is 1 open security issue in bullseye.
1 issue left for the package maintainer to handle:
- CVE-2021-35196:
(needs triaging)
** DISPUTED ** Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure deserialization via the pickle.load() function in settings.py. NOTE: the vendor's position is that the product is not intended for opening an untrusted project file.
You can find information about how to handle this issue in the security team's documentation.