Fix parameterized — CVE-2022-42969 HIGH
Fix CVE-2022-42969 (HIGH) in parameterized for PyPI. Paste your requirements.txt into PackageFix and get a patched version — no CLI, no signup. ReDoS in the parametrize decorator.
⚠ Vulnerability
CVE-2022-42969 (HIGH) — ReDoS in parametrize decorator in parameterized versions below 0.9.0.
Vulnerable Version — requirements.txt
parameterized==0.8.1
Fixed Version — requirements.txt
parameterized==0.9.0
✓ Fix
Update parameterized to 0.9.0 or later. Run pip install -r requirements.txt to apply. Verify with your ecosystem's audit tool after updating.
CVE Details
| Field | Value |
|---|---|
| CVE ID | CVE-2022-42969 |
| Severity | HIGH |
| Package | parameterized (PyPI) |
| Vulnerable versions | Below 0.9.0 |
| Safe version | 0.9.0 |
| CISA KEV | — |
| Description | ReDoS in the parametrize decorator |
Frequently Asked Questions
What is CVE-2022-42969?
CVE-2022-42969 is a HIGH severity vulnerability in parameterized (PyPI). It allows ReDoS in the parametrize decorator. Update to version 0.9.0 or later to fix it.
How do I fix CVE-2022-42969 in parameterized?
Update parameterized to version 0.9.0 in your requirements.txt. Run pip install -r requirements.txt after updating to apply the fix.
Is CVE-2022-42969 being actively exploited?
Check the live CISA KEV catalog at packagefix.dev — PackageFix always reflects the current KEV status.
How do I check if I am affected by CVE-2022-42969?
Paste your requirements.txt into PackageFix. If your installed version of parameterized is below 0.9.0, you are affected. PackageFix shows the exact CVE ID and fix version.
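The check described above (a parameterized entry below 0.9.0 means affected), as an added example that is not PackageFix's or the parameterized project's code: a standard-library scan of requirements.txt text. The sample file, the function names and the "review" status for unpinned or ranged entries are assumptions of this example.

```python
import re

PACKAGE = "parameterized"
FIXED = (0, 9, 0)  # first safe release according to this page

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# constructed sample requirements.txt
requests==2.31.0
parameterized==0.8.1
Parameterized[dev]>=0.7 ; python_version >= "3.8"
parameterized==0.9.0  # patched pin
"""

# Name, optional [extras], then specifiers up to an environment marker or comment.
_REQ = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
# Operator plus numeric release; pre-release suffixes such as rc1 are ignored.
_SPEC = re.compile(r"(===|==|~=|!=|<=|>=|<|>)\s*([0-9]+(?:\.[0-9]+)*)")


def _version(text):
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))  # "0.9" compares as (0, 9, 0)


def check_line(line):
    """Return 'affected', 'ok' or 'review' for a parameterized entry, else None."""
    m = _REQ.match(line)
    # PEP 503 normalisation: case-insensitive, runs of - _ . are equivalent.
    if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != PACKAGE:
        return None
    specs = _SPEC.findall(m.group(2))
    pins = [_version(v) for op, v in specs if op in ("==", "===")]
    if pins:
        return "affected" if min(pins) < FIXED else "ok"
    floors = [_version(v) for op, v in specs if op in (">=", ">", "~=")]
    # No pin: safe only if a lower bound already excludes everything below 0.9.0.
    return "ok" if floors and max(floors) >= FIXED else "review"


def scan(text):
    """Return (line number, entry, status) for each parameterized entry in text."""
    hits = ((n, line.strip(), check_line(line)) for n, line in enumerate(text.splitlines(), 1))
    return [hit for hit in hits if hit[2]]


if __name__ == "__main__":
    for number, entry, status in scan(SAMPLE):
        print(f"line {number}: {status:8} {entry}")
```

A "review" result means the entry does not by itself rule out a version below 0.9.0, so the version the resolver actually installed still has to be checked.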