Skip to content

Commit

Permalink
chore(deps): update dependency aiohttp to v3.8.6 [security]
Browse files Browse the repository at this point in the history
  • Loading branch information
@plural-renovate
plural-renovate[bot] committed Nov 15, 2023
1 parent d7d3250 commit 50f24c9
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ai/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
aiohttp==3.8.5
aiohttp==3.8.6

Check failure

Code scanning / Trivy

python-certifi: Removal of e-Tugra root certificate High

Package: certifi
Installed Version: 2023.5.7
Vulnerability CVE-2023-37920
Severity: HIGH
Fixed Version: 2023.7.22
Link: CVE-2023-37920

Check failure

Code scanning / Trivy

LangChain vulnerable to arbitrary code execution Critical

Package: langchain
Installed Version: 0.0.312
Vulnerability CVE-2023-39659
Severity: CRITICAL
Fixed Version: 0.0.325
Link: CVE-2023-39659

Check failure

Code scanning / Trivy

Langchain Server-Side Request Forgery vulnerability High

Package: langchain
Installed Version: 0.0.312
Vulnerability CVE-2023-32786
Severity: HIGH
Fixed Version: 0.0.329
Link: CVE-2023-32786

Check failure

Code scanning / Trivy

LangChain Server Side Request Forgery vulnerability High

Package: langchain
Installed Version: 0.0.312
Vulnerability CVE-2023-46229
Severity: HIGH
Fixed Version: 0.0.317
Link: CVE-2023-46229

Check warning

Code scanning / Trivy

urllib3: Request body not stripped after redirect from 303 status changes request method to GET Medium

Package: urllib3
Installed Version: 1.26.17
Vulnerability CVE-2023-45803
Severity: MEDIUM
Fixed Version: 2.0.7, 1.26.18
Link: CVE-2023-45803
aiosignal==1.3.1
anyio==3.7.1
async-timeout==4.0.2
Expand Down

0 comments on commit 50f24c9

Please sign in to comment.