`pyo3`

Ecosystem:
cargo

Package URL:
pkg:cargo/pyo3

Total PRs:
939 Dependabot PRs

Latest PR:
17 days ago

Unique Repositories:
452 repositories

Unique Repos (30 days):
9 repositories

Security Advisories

PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature

GHSA-47qc-857f-7w7f HIGH published 4 months ago • updated 2 months ago

PyO3 0.28.1 added support for `#[pyclass(extends=PyList)] struct NativeSub` (and other native types) when targeting Python 3.12 and up with the `ab...

Reference counting error in pyo3

GHSA-2vx6-fcw6-hpr6 CVE-2020-35917 MODERATE published almost 5 years ago • updated 29 days ago

An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From<Py<T>>.

Build corruption when using `PYO3_CONFIG_FILE` environment variable

GHSA-vxcf-c7mx-pg53 MODERATE published over 1 year ago • updated 2 months ago

In PyO3 0.23.0 the `PYO3_CONFIG_FILE` environment variable used to configure builds regressed such that changing the environment variable would no ...

PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references

GHSA-6jgw-rgmm-7cv6 CVE-2024-9979 MODERATE published over 1 year ago • updated 2 months ago

The family of functions to read "borrowed" values from Python weak references were fundamentally unsound, because the weak reference does itself no...

0.28.2 → 0.28.3 Patch PR

Open 17 days ago 2 comments

chore(deps): bump the rust-deps group with 3 updates

rroblf01/lapinq #4

0.23.5 → 0.28.3 Minor PR

Closed 18 days ago 1 comment

deps(rust): bump the rust-minor group across 1 directory with 16 updates

NikkeTryHard/tach-core #112

0.28.2 → 0.28.3 Patch PR

Closed 19 days ago 1 comment

chore(deps): bump pyo3 from 0.23.5 to 0.24.1 in /rust/moviepilot_rust in the cargo group across 1 directory

uvswifft/MoviePilot #748

0.23.5 → 0.24.1 Minor PR

Closed 20 days ago 1 comment

build(deps): bump the rust-dependencies group across 1 directory with 33 updates

NextStat/nextstat.io #35

0.28.0 → 0.28.3 Patch PR

Closed 21 days ago 1 comment

chore(deps): bump pyo3 from 0.20.3 to 0.28.3

ness-e/Vantadb #17

0.20.3 → 0.28.3 Minor PR

Closed 28 days ago 2 comments

chore(deps): bump pyo3 from 0.25.1 to 0.28.3

WyattAu/suture #35

0.25.1 → 0.28.3 Minor PR

Closed 29 days ago 3 comments

deps(rust): bump the rust-dependencies group across 1 directory with 27 updates

reasonkit/reasonkit-core #43

0.28.2 → 0.28.3 Patch PR

Closed about 1 month ago 2 comments

deps(rust): update pyo3 requirement from 0.21 to 0.28 in /sdk/rust

GoodshytGroup/ETHOS-AEGIS #3

0.21 → 0.28

Closed about 1 month ago 1 comment

chore(deps): bump the prod-deps group across 1 directory with 14 updates

mozilla-services/syncstorage-rs #2287

0.28.2 → 0.28.3 Patch PR

Closed about 1 month ago 1 comment

chore(deps): bump the rust-dependencies group across 1 directory with 2 updates

Wolfvin/SymbolicPuzzle3D #8

0.22.6 → 0.28.3 Minor PR

Open about 1 month ago 2 comments

chore(deps): bump the rust-dependencies group in /packages/engine-rs with 6 updates

mage-knight-digital/MageKnight #1060

0.24.2 → 0.28.3 Minor PR

Closed about 1 month ago 5 comments

Bump the cargo group across 1 directory with 2 updates

rhamenator/ai-scraping-defense #1795

0.28.0 → 0.28.2 Patch PR

Closed about 1 month ago 2 comments

chore: bump pyo3 from 0.27.2 to 0.28.3

lhwzds/skrun #1

0.27.2 → 0.28.3 Minor PR

Open about 1 month ago 1 comment

chore(deps-rs): bump the patch group across 1 directory with 10 updates

Quantinuum/hugr #3045

0.28.2 → 0.28.3 Patch PR

Closed about 1 month ago 2 comments

Bump the version-updates group across 1 directory with 9 updates

opencloudtool/opencloudtool #593

0.28.2 → 0.28.3 Patch PR

Open about 1 month ago 1 comment

Bump the rust-deps group with 6 updates

Saswatsusmoy/retrievalx #4

0.24.2 → 0.28.3 Minor PR

Open about 2 months ago 2 comments

chore: bump the rust-dependencies group with 3 updates

pynenc/cistell #46

0.28.2 → 0.28.3 Patch PR

Open about 2 months ago 1 comment

Bump pyo3 from 0.24.2 to 0.28.3

OlympusLedgerOrg/Olympus #722

0.24.2 → 0.28.3 Minor PR

Closed about 2 months ago 2 comments

chore(deps): bump pyo3 from 0.23.5 to 0.24.1 in /rust/boar_fast_filter in the cargo group across 1 directory

FabioLeitao/data-boar #226

0.23.5 → 0.24.1 Minor PR

Closed about 2 months ago 2 comments

Bump the minor-and-patch group with 5 updates

amaye15/JSON-Tools-rs #6

0.28.2 → 0.28.3 Patch PR

Open about 2 months ago 1 comment

chore(deps): update pyo3 requirement from 0.24.1 to 0.28.3

lubluniky/rocket-rs #42

0.24.1 → 0.28.3 Minor PR

Open about 2 months ago 1 comment

Bump pyo3 from 0.28.0 to 0.28.2

garnet-labs/monty #2

0.28.0 → 0.28.2 Patch PR

Open about 2 months ago 1 comment

chore(deps): bump the cargo group across 1 directory with 3 updates

inter0hm/devolutions-crypto #2

0.23.4 → 0.24.1 Minor PR

Open about 2 months ago 1 comment

chore(deps): bump the update group across 1 directory with 2 updates

dousu/maou #371

0.28.2 → 0.28.3 Patch PR

Closed about 2 months ago 2 comments

deps: bump the minor-and-patch group across 1 directory with 4 updates

AiBrush/mutagen-rs #48

0.28.0 → 0.28.3 Patch PR

Closed about 2 months ago 2 comments

build(deps): bump pyo3 from 0.28.2 to 0.28.3

AndroZa0812/HyperInfer #83

0.28.2 → 0.28.3 Patch PR

Open 2 months ago 3 comments

chore(deps): bump the rust-dependencies group across 1 directory with 9 updates

Coldaine/ColdVox #390

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 3 comments

chore(deps): bump pyo3 from 0.20.3 to 0.24.1 in /src/Tools/AssetPipelineRust in the cargo group across 1 directory

KooshaPari/Dino #149

0.20.3 → 0.24.1 Minor PR

Open 2 months ago 3 comments

Bump pyo3 from 0.28.2 to 0.28.3

hyperlight-dev/hyperlight-sandbox #32

0.28.2 → 0.28.3 Patch PR

Open 2 months ago 1 comment

chore(deps-rs): bump the patch group across 1 directory with 7 updates

Quantinuum/hugr #3018

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 2 comments

build(deps): bump pyo3 from 0.28.2 to 0.28.3

systemslibrarian/meow-decoder #136

0.28.2 → 0.28.3 Patch PR

Open 2 months ago 1 comment

deps(rust): bump the rust-dependencies group across 1 directory with 9 updates

reasonkit/reasonkit-mem #29

0.28.2 → 0.28.3 Patch PR

Open 2 months ago 1 comment

deps(rust): bump the rust-dependencies group across 1 directory with 21 updates

reasonkit/reasonkit-core #37

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 2 comments

Bump the crates-io group with 3 updates

djc/pyrtls #170

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 1 comment

build(deps): bump pyo3 from 0.28.2 to 0.28.3

rodneylab/subsetter #236

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 1 comment

Bump the rust-deps group across 1 directory with 7 updates

coreyleavitt/ferrosync #191

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 1 comment

Bump pyo3 from 0.28.2 to 0.28.3

chingiztob/ferrobus #64

0.28.2 → 0.28.3 Patch PR

Open 2 months ago 1 comment

chore(deps): bump pyo3 from 0.28.2 to 0.28.3

tmke8/math-core #924

0.28.2 → 0.28.3 Patch PR

Open 2 months ago 1 comment

chore(deps): bump the prod-deps group across 1 directory with 11 updates

mozilla-services/syncstorage-rs #2191

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 1 comment

chore(deps): update pyo3 requirement from 0.24 to 0.28

KooshaPari/thegent-cache #3

0.24 → 0.28

Open 2 months ago 3 comments

chore(deps): bump the minor group with 17 updates

benbrandt/text-splitter #1092

0.28.2 → 0.28.3 Patch PR

Closed 2 months ago 1 comment

Bump the rust-version-updates group across 1 directory with 39 updates

alonsodomin/pants #130

0.27.2 → 0.28.2 Minor PR

Closed 2 months ago 2 comments

Bump the rust-version-updates group across 1 directory with 63 updates

riisi/pants #111

0.27.2 → 0.28.2 Minor PR

Closed 2 months ago 2 comments

Update pyo3 requirement from 0.27 to 0.28 in /src-tauri

astrophotograph/astra #31

0.27 → 0.28

Open 2 months ago 1 comment

chore(deps): Bump pyo3 from 0.27.2 to 0.28.2

s0undt3ch/ToolR #170

0.27.2 → 0.28.2 Minor PR

Open 2 months ago 4 comments

Bump the rust-deps group across 1 directory with 5 updates

Saswatsusmoy/retrievalx #3

0.24.2 → 0.28.2 Minor PR

Open 2 months ago 2 comments

build(deps): bump pyo3 from 0.24.2 to 0.28.2

bigmars86/rustine #15

0.24.2 → 0.28.2 Minor PR

Open 3 months ago 1 comment

Bump the rust-deps group with 4 updates

Saswatsusmoy/retrievalx #2

0.24.2 → 0.28.2 Minor PR

Closed 3 months ago 2 comments

chore(deps): bump the cargo group across 3 directories with 11 updates

c6ai/wonnx #3

0.18.3 → 0.21.2 Minor PR

Closed 3 months ago 1 comment

Package Details

Name:	`pyo3`
Ecosystem:	cargo
PURL Type:	cargo
Package URL:	`pkg:cargo/pyo3`
JSON API:	View JSON

Security Advisories

5

Active advisories

HIGH 1

MODERATE 3

LOW 1

View All cargo Advisories

Package Information

Description:

Bindings to Python interpreter

Repository:	https://github.com/pyo3/pyo3
Homepage:	https://github.com/pyo3/pyo3
Latest Release:	`0.25.0` about 1 year ago
Dependent Repos:	2,349
Dependent Packages:	666
Downloads:	81,241,315
Ranking:	Top 0.8061% by dependent repos Top 0.354% by downloads Top 0.1269% by dependent pkgs

PR Status

Open 370 (39.4%)

Merged 159 (16.9%)

Closed 323 (34.4%)

PR Types

Minor 565 (60.2%)

Patch 211 (22.5%)

pyo3

Security Advisories

PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature

Reference counting error in pyo3

Build corruption when using `PYO3_CONFIG_FILE` environment variable

PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references

PyO3 Risk of buffer overflow in `PyString::from_object`

Recent PRs

Package Details

Security Advisories

5

Package Information

PR Status

PR Types

`pyo3`