Skip to content

Commit

Permalink
chore(deps): update dependency aiohttp to v3.9.4 [security]
Browse files Browse the repository at this point in the history
  • Loading branch information
@plural-renovate
plural-renovate[bot] committed Apr 20, 2024
1 parent 5a06b36 commit 5deac84
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion ai/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
aiohttp==3.9.0
aiohttp==3.9.4

Check failure

Code scanning / Trivy

`python-multipart` is a streaming multipart parser for Python. When us ... High

Package: fastapi
Installed Version: 0.100.0
Vulnerability CVE-2024-24762
Severity: HIGH
Fixed Version: 0.109.1
Link: CVE-2024-24762

Check warning

Code scanning / Trivy

python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode() Medium

Package: idna
Installed Version: 3.4
Vulnerability CVE-2024-3651
Severity: MEDIUM
Fixed Version: 3.7
Link: CVE-2024-3651

Check warning

Code scanning / Trivy

langchain vulnerable to path traversal Medium

Package: langchain
Installed Version: 0.0.329
Vulnerability CVE-2024-3571
Severity: MEDIUM
Fixed Version: 0.0.353
Link: CVE-2024-3571

Check notice

Code scanning / Trivy

langchain Server-Side Request Forgery vulnerability Low

Package: langchain
Installed Version: 0.0.329
Vulnerability CVE-2024-0243
Severity: LOW
Fixed Version: 0.1.0
Link: CVE-2024-0243

Check notice

Code scanning / Trivy

LangChain directory traversal vulnerability Low

Package: langchain
Installed Version: 0.0.329
Vulnerability CVE-2024-28088
Severity: LOW
Fixed Version: 0.0.339
Link: CVE-2024-28088

Check failure

Code scanning / Trivy

llama-index vulnerable to arbitrary code execution Critical

Package: llama-index
Installed Version: 0.7.4
Vulnerability CVE-2023-39662
Severity: CRITICAL
Fixed Version: 0.9.14
Link: CVE-2023-39662

Check warning

Code scanning / Trivy

python-pydantic: regular expression denial of service via crafted email string Medium

Package: pydantic
Installed Version: 1.10.11
Vulnerability CVE-2024-3772
Severity: MEDIUM
Fixed Version: 2.4.0, 1.10.13
Link: CVE-2024-3772

Check failure

Code scanning / Trivy

`python-multipart` is a streaming multipart parser for Python. When us ... High

Package: starlette
Installed Version: 0.27.0
Vulnerability CVE-2024-24762
Severity: HIGH
Fixed Version: 0.36.2
Link: CVE-2024-24762
aiosignal==1.3.1
anyio==3.7.1
async-timeout==4.0.2
Expand Down

0 comments on commit 5deac84

Please sign in to comment.