PyPI: stream-unzip

CVE-2021-3749

Safety vulnerability ID: SFTY-20210831-17365

Safety legacy ID: pyup.io-64541

Stream-unzip 0.0.90 fixes its dependency version for localtunnel at 2.0.2 specifically to mitigate the security risk posed by the axios vulnerability, designated as CVE-2021-3749. https://github.com/uktrade/stream-unzip/pull/75/commits/1e75270050a1752ceb82ec26accc0a10e6cf4a0a

PythonPyPINVDNVD
Created at: Nov 5, 2025Updated at: Nov 5, 2025

Overview

Stream-unzip 0.0.90 fixes its dependency version for localtunnel at 2.0.2 specifically to mitigate the security risk posed by the axios vulnerability, designated as CVE-2021-3749. https://github.com/uktrade/stream-unzip/pull/75/commits/1e75270050a1752ceb82ec26accc0a10e6cf4a0a

Advisory

Stream-unzip 0.0.90 fixes its dependency version for localtunnel at 2.0.2 specifically to mitigate the security risk posed by the axios vulnerability, designated as CVE-2021-3749. https://github.com/uktrade/stream-unzip/pull/75/commits/1e75270050a1752ceb82ec26accc0a10e6cf4a0a

Affected Package

Affecting stream-unzip package, versions
<0.0.90

Also affects

---

How to Fix

Upgrade
stream-unzip
to
0.0.90
or higher.

Mitigation and Workarounds

---

Vulnerable Functions

Functions linked to known vulnerabilities.

Vulnerable function data is available for Enterprise customers

Book a call with us to see Safety in action.

References

Safety

Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.

Learn more