coryHawkvelt/gatehouse-api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

security: upgrade some package versions
Push -> develop / Deploy (push) Has been cancelled
Details
Push -> develop / Notify on result (push) Has been cancelled
Details
Push -> develop / Build Docker images (push) Has been cancelled
Details

Browse Source
This commit is contained in:
sangnn
2026-06-23 03:24:04 +00:00
parent ada22e6017
commit e0ecaf9093
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
requirements/base.txt
+1 -1
View File
@@ -26,7 +26,7 @@ cbor2==5.9.0 # CVE-2024-26134, CVE-2026-26209 (DoS via recursion)
# JWT / OIDC
PyJWT==2.13.0 # CVE-2026-48526 (auth bypass via forged JWT), CVE-2026-32597
cryptography==46.0.5 # CVE-2026-26007 (SECT subgroup attack)
cryptography==43.0.3 # capped <44 by sshkey-tools 0.11.3; see .trivyignore for CVE-2026-26007
# CORS
Flask-CORS==6.0.0 # CVE-2024-6221 (ACAO handling)
requirements/development.txt
+1 -1
View File
@@ -37,7 +37,7 @@ pytz==2023.3
python-dotenv==1.0.0
pydantic==2.5.0
PyJWT==2.13.0
cryptography==46.0.5
cryptography==43.0.3 # capped <44 by sshkey-tools 0.11.3
pycryptodome==3.20.0
psycopg2-binary==2.9.9
sshkey-tools==0.11.3