Skip to content

Commit

Permalink
chore(deps): update dependency aiohttp to v3.9.0 [security]
Browse files Browse the repository at this point in the history
  • Loading branch information
@plural-renovate
plural-renovate[bot] committed Nov 28, 2023
1 parent d7d3250 commit 7a6db57
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ai/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
aiohttp==3.8.5
aiohttp==3.9.0

Check failure

Code scanning / Trivy

python-certifi: Removal of e-Tugra root certificate High

Package: certifi\nInstalled Version: 2023.5.7\nVulnerability CVE-2023-37920\nSeverity: HIGH\nFixed Version: 2023.7.22\nLink: CVE-2023-37920

Check failure

Code scanning / Trivy

LangChain vulnerable to arbitrary code execution Critical

Package: langchain\nInstalled Version: 0.0.312\nVulnerability CVE-2023-39659\nSeverity: CRITICAL\nFixed Version: 0.0.325\nLink: CVE-2023-39659

Check failure

Code scanning / Trivy

Langchain Server-Side Request Forgery vulnerability High

Package: langchain\nInstalled Version: 0.0.312\nVulnerability CVE-2023-32786\nSeverity: HIGH\nFixed Version: 0.0.329\nLink: CVE-2023-32786

Check failure

Code scanning / Trivy

LangChain Server Side Request Forgery vulnerability High

Package: langchain\nInstalled Version: 0.0.312\nVulnerability CVE-2023-46229\nSeverity: HIGH\nFixed Version: 0.0.317\nLink: CVE-2023-46229

Check warning

Code scanning / Trivy

urllib3: Request body not stripped after redirect from 303 status changes request method to GET Medium

Package: urllib3\nInstalled Version: 1.26.17\nVulnerability CVE-2023-45803\nSeverity: MEDIUM\nFixed Version: 2.0.7, 1.26.18\nLink: CVE-2023-45803
aiosignal==1.3.1
anyio==3.7.1
async-timeout==4.0.2
Expand Down

0 comments on commit 7a6db57

Please sign in to comment.