Patch CRITICAL/HIGH CVEs: python-jose 3.5.0, python-multipart 0.0.29
- python-jose 3.3.0 → 3.5.0 (CVE-2024-33663: CRITICAL, algorithm confusion) - python-multipart 0.0.20 → 0.0.29 (CVE-2026-24486, CVE-2026-42561: HIGH) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -3,10 +3,10 @@ uvicorn[standard]==0.32.1
|
||||
sqlalchemy[asyncio]==2.0.50
|
||||
aiomysql==0.3.2
|
||||
pydantic-settings==2.7.0
|
||||
python-jose[cryptography]==3.3.0
|
||||
python-jose[cryptography]==3.5.0
|
||||
passlib[bcrypt]==1.7.4
|
||||
bcrypt==4.0.1
|
||||
python-multipart==0.0.20
|
||||
python-multipart==0.0.29
|
||||
pytz==2024.2
|
||||
email-validator==2.2.0
|
||||
slowapi==0.1.9
|
||||
|
||||
Reference in New Issue
Block a user