{"data":{"slug":"minimaxir-automl-gs","name":"automl-gs","trust":{"provenance":{"is_fork":false,"github_id":165542441,"owner_type":"User","methodology":"github_public_v1","parent_repo":null,"near_duplicate_slugs":[]},"computed_at":"2026-07-11T23:33:04.720Z","maintenance":{"label":"Dormant","score":18,"methodology":"github_public_v1","releases_90d":0,"days_since_push":2454,"last_release_at":"2019-04-05T06:51:04Z"},"security_summary":{"status":"findings","scanner":"osv@v1","low_count":7,"high_count":2,"last_scan_at":"2026-07-11T23:33:05.073Z","medium_count":5,"scan_profile":"deps","critical_count":0}},"findings":[{"id":"GHSA-462w-v97r-4m45","severity":"high","title":"Jinja2 sandbox escape via string formatting","package":"jinja2@2.8","cve":"CVE-2019-10906","location":"requirements.txt"},{"id":"GHSA-cpwx-vrp4-4pq7","severity":"medium","title":"Jinja2 vulnerable to sandbox breakout through attr filter selecting format method","package":"jinja2@2.8","cve":"CVE-2025-27516","location":"requirements.txt"},{"id":"GHSA-g3rq-g295-4j3m","severity":"medium","title":"Regular Expression Denial of Service (ReDoS) in Jinja2","package":"jinja2@2.8","cve":"CVE-2020-28493","location":"requirements.txt"},{"id":"GHSA-h5c8-rqwp-cp95","severity":"medium","title":"Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter","package":"jinja2@2.8","cve":"CVE-2024-22195","location":"requirements.txt"},{"id":"GHSA-h75v-3vvj-5mfj","severity":"medium","title":"Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter","package":"jinja2@2.8","cve":"CVE-2024-34064","location":"requirements.txt"},{"id":"GHSA-hj2j-77xm-mc5v","severity":"high","title":"Jinja2 sandbox escape vulnerability","package":"jinja2@2.8","cve":"CVE-2016-10745","location":"requirements.txt"},{"id":"GHSA-q2x7-8rv6-6q7h","severity":"medium","title":"Jinja has a sandbox breakout through indirect reference to format method","package":"jinja2@2.8","cve":"CVE-2024-56326","location":"requirements.txt"},{"id":"PYSEC-2019-217","severity":"low","title":"PYSEC-2019-217","package":"jinja2@2.8","cve":"CVE-2019-10906","location":"requirements.txt"},{"id":"PYSEC-2019-220","severity":"low","title":"PYSEC-2019-220","package":"jinja2@2.8","cve":"CVE-2016-10745","location":"requirements.txt"},{"id":"PYSEC-2021-66","severity":"low","title":"PYSEC-2021-66","package":"jinja2@2.8","cve":"CVE-2020-28493","location":"requirements.txt"},{"id":"PYSEC-2026-1471","severity":"low","title":"Jinja2 vulnerable to sandbox breakout through attr filter selecting format method","package":"jinja2@2.8","cve":"CVE-2025-27516","location":"requirements.txt"},{"id":"PYSEC-2026-1473","severity":"low","title":"Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter","package":"jinja2@2.8","cve":"CVE-2024-22195","location":"requirements.txt"},{"id":"PYSEC-2026-1474","severity":"low","title":"Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter","package":"jinja2@2.8","cve":"CVE-2024-34064","location":"requirements.txt"},{"id":"PYSEC-2026-1475","severity":"low","title":"Jinja has a sandbox breakout through indirect reference to format method","package":"jinja2@2.8","cve":"CVE-2024-56326","location":"requirements.txt"}],"methodology":"github_public_v1"}}