You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Firstly thank-you for this great library.
But when i tried to do a pip install I'm seeing some vulnerable packages with high severity level are getting downloaded for example:
Package Name: starlette
Package version: 0.26.1
Issue: it has a high severity vulnerability which was fixed in pater version 0.27.0 or higher
CVE code: SNYK-PYTHON-STARLETTE-5538332
Package Name: requests
Package version: 2.28.2
Issue: it has s medium severity vulnerability which was fixed in 2.31.2
CVE Code: SNYK-PYTHON-REQUESTS-5595532
So wanted to check if there is any plan to upgrade the versions of the above modules to fix the vulnerabilities?
Thanks in advance
The text was updated successfully, but these errors were encountered:
Hello,
Firstly thank-you for this great library.
But when i tried to do a pip install I'm seeing some vulnerable packages with high severity level are getting downloaded for example:
Package Name: starlette
Package version: 0.26.1
Issue: it has a high severity vulnerability which was fixed in pater version 0.27.0 or higher
CVE code: SNYK-PYTHON-STARLETTE-5538332
Package Name: requests
Package version: 2.28.2
Issue: it has s medium severity vulnerability which was fixed in 2.31.2
CVE Code: SNYK-PYTHON-REQUESTS-5595532
So wanted to check if there is any plan to upgrade the versions of the above modules to fix the vulnerabilities?
Thanks in advance
The text was updated successfully, but these errors were encountered: