Comment # 1 on bug 1233852 from Andrea Mattiazzo 
The packages below are or contain embedded packages that are vulnerable to
CVE-2024-21538:

- openSUSE:Factory/python-furo contains embedded package: cross-spawn (7.0.3)
- openSUSE:Factory/python-ipympl contains embedded package: cross-spawn (6.0.5)
- openSUSE:Factory/python-ipympl contains embedded package: cross-spawn (7.0.3)
- openSUSE:Factory/python-jupyter-ydoc contains embedded package: cross-spawn
(7.0.3)
- openSUSE:Factory/python-nbdime contains embedded package: cross-spawn (6.0.5)
- openSUSE:Factory/python-nbdime contains embedded package: cross-spawn (7.0.3)
- openSUSE:Factory/python-panel contains embedded package: cross-spawn (7.0.3)
- openSUSE:Factory/python-pytest-html contains embedded package: cross-spawn
(7.0.3)

Please consider version bumping or patching the affected dependencies.
The listed codestreams are affected. All other codestreams should not be
affected, but feel free to double-check.
This is a auto-generated message, please reach out to the reporter directly if
you think this is incorrect.
No bug-owner found for these packages, if the assignation is not correct feel
free to re-assign.

You are receiving this mail because: