{"package":"dgl","ecosystem":"pypi","latest_version":"2.2.1","description":"Deep Graph Library","license":"APACHE","license_risk":"unknown","commercial_use_notes":"verify manually — license not parseable / not declared.","homepage":"https://github.com/dmlc/dgl","repository":"https://github.com/dmlc/dgl","downloads_weekly":28201,"health":{"score":50,"risk":"high","breakdown":{"maintenance":5,"popularity":10,"security":20,"maturity":15,"community":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":1,"medium":0,"low":0,"details":[{"vuln_id":"GHSA-3x5x-fw77-g54c","severity":"high","summary":"dmlc/dgl Vulnerable to Remote Code Execution by Pickle Deserialization via rpc.recv_request()","affected_versions":"<=2.4.0|=0.0.1|=0.1.0|=0.1.2|=0.1.3|=0.2|=0.3|=0.3.1|=0.4|=0.4.1|=0.4.2|=0.4.3|=0.4.3.post1|=0.4.3.post2|=0.4rc190819|=0.4rc190821|=0.4rc190822|=0.4rc190823|=0.4rc190824|=0.4rc190826|=0.4rc190902|=0.4rc190903|=0.4rc190904|=0.4rc190905|=0.4rc190906|=0.4rc190908|=0.4rc190909|=0.4rc190910|=0.4rc190911|=0.4rc190912|=0.4rc190915|=0.4rc190916|=0.4rc190917|=0.4rc190918|=0.4rc190920|=0.4rc190921|=0.4rc190923|=0.4rc190924|=0.4rc190927|=0.4rc190928|=0.4rc190929|=0.4rc191001|=0.4rc191003|=0.4rc191004|=0.4rc191005|=0.5.0|=0.5.1|=0.5.2|=0.5.3|=0.6.0|=0.6.0.post1|=0.6.1|=0.8.0.post1|=0.9.0|=0.9.1|=1.0.0|=1.0.1|=1.0.4|=1.1.0|=1.1.1|=1.1.2|=1.1.2.post1|=1.1.3|=2.0.0|=2.1.0|=2.2.0|=2.2.1","fixed_version":null,"source":"osv","published_at":"2025-03-05T19:50:09Z"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"2.2.1","total_count":66,"recent":["0.5.2","0.5.3","0.6.0","0.6.0.post1","0.6.1","0.8.0.post1","0.9.0","0.9.1","1.0.0","1.0.1","1.0.4","1.1.0","1.1.1","1.1.2","1.1.2.post1","1.1.3","2.0.0","2.1.0","2.2.0","2.2.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":0,"first_published":null,"last_published":"2024-05-13T01:10:39.322890Z","dependencies_count":8,"dependencies":["numpy>=1.14.0","scipy>=1.1.0","networkx>=2.1","requests>=2.19.0","tqdm","psutil>=5.8.0","torchdata>=0.5.0","pandas"]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["1 high severity vulnerabilities"],"use_version":"2.2.1","version_hint":null,"summary":"dgl@2.2.1 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":true,"targets":[{"legitimate_package":"dill","distance":2,"reason":"close_name"}]},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":716,"avg_days_between_releases":null,"release_velocity":"stale"}}