Bump urllib3 to fix CVE-2023-45803

ucam-department-of-psychiatry · Oct 20, 2023 · f3fe9e6 · f3fe9e6
1 parent d079c27
commit f3fe9e6
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/server/setup.py b/server/setup.py
@@ -120,7 +120,7 @@
     "sqlalchemy==1.3.24",  # database access
     "statsmodels==0.13.5",  # e.g. logistic regression
     "twilio==7.9.3",  # SMS backend for Multi-factor authentication
-    "urllib3==1.26.7",  # dependency, pinned to avoid vulnerabilities
+    "urllib3==1.26.18",  # dependency, pinned to avoid vulnerabilities
     "Wand==0.6.1",  # ImageMagick binding
     # -------------------------------------------------------------------------
     # Not installed here