This can be avoided by not using `dparse` or by using the `--no-dparse` command line option. The last option has been tested with the `--no-dparse` option and dparse still parses the file.
If you are using `dparse` in an automated process, you might want to consider using another parsing tool such as `sphinx` or `jinja2.`

CVE-2022-39281

This can be avoided by not using `dparse` or by using the `--no-dparse` command line option. The last option has been tested with the `--no-dparse` option and dparse still parses the file.
If you are using `dparse` in an automated process, you might want to consider using another parsing tool such as `sphinx` or `jinja2.`
This bug only affects clients of MSVC 2014, 2015, and 2016 that use dparse for parsing, because those versions have a bug with parse errors on long strings that is fixed in later versions of MSVC.

CVE-2023-39281

The first argument to `parse_tree()` is either the name of a module, or the path to a package with a default namespace.
So, if you are using `dparse`, be aware that it can parse files in both directories.

Timeline

Published on: 10/06/2022 18:16:00 UTC
Last modified on: 10/11/2022 05:15:00 UTC

References